We present a systematic technique for transforming XACML 3.0 policies in Answer Set Programming (ASP). We show that the resulting logic program has a unique answer set that directly corresponds to our formalisation of the standard semantics of XACML 3.0 from . We demonstrate how our results make it possible to use off-the-shelf ASP solvers to formally verify properties of access control policies represented in XACML, such as checking the completeness of a set of access control policies and verifying policy properties.
Lecture Notes in Computer Science: 22nd International Symposium, Lopstr 2012, Leuven, Belgium, September 18-20, 2012, Revised Selected Papers, 2013, p. 89-105
XACML; Access control; Policy language; Answer Set Programming
Main Research Area:
Lecture Notes in Computer Science
22nd International Symposium on Logic-Based Program Synthesis and Transformation (LOPSTR 2012)Logic-Based Program Synthesis and Transformation