About

Log in?

DTU users get better search results including licensed content and discounts on order fees.

Anyone can log in and get personalized features such as favorites, tags and feeds.

Log in as DTU user Log in as non-DTU user No thanks

DTU Findit
Boolean: (bicycle AND helmet) OR (head AND protection) (always group AND in parenthesis)
Title: title:(climate change)
Author: author:("bohr niels" OR "bohr n") (avoid only full first name)
Phrase: "water pump control" (does not work with wildcards)
Wildcards: wom?n pharm*

More help on how to search

Flexible matching

About search syntax

Search syntax Advanced
Close advanced
{{problem}}
By field Using AND/OR By author
This tool can help you build boolean queries suitable for doing a broad search for different synonyms or spellings of each word. Start via the drop-down below or just start typing in the search field.
{{ row.typeTitle }}: ( )

Since our index often lack the full first name of people it can be difficult to correctly search by author.

Fill in the fields and let us help you build a good query:

If you need to find everything possible, consider only searching by last name.

Use "Starting year" to ignore publications out of year range.

More...

PhD Thesis

Modelling and Analysing Access Control Policies in XACML 3.0

By Ramli, Carroline Dewi Puspa Kencana1,2

From

Department of Applied Mathematics and Computer Science, Technical University of Denmark1

Language-Based Technology, Department of Applied Mathematics and Computer Science, Technical University of Denmark2

XACML (eXtensible Access Control Markup Language) is a prominent access control language that is widely adopted both in industry and academia. XACML is an international standard in the field of information security. The problem with XACML is that its specification is described in natural language (c.f.

GM03,Mos05,Ris13) and manual analysis of the overall effect and consequences of a large XACML policy set is a very daunting and time-consuming task. In this thesis we address the problem of understanding the semantics of access control policy language XACML, in particular XACML version 3.0. The main focus of this thesis is modelling and analysing access control policies in XACML 3.0.

There are two main contributions in this thesis. First, we study and formalise XACML 3.0, in particular the Policy Decision Point (PDP). The concrete syntax of XACML is based on the XML format, while its standard semantics is described normatively using natural language. The use of English text in standardisation leads to the risk of misinterpretation and ambiguity.

In order to avoid this drawback, we define an abstract syntax of XACML 3.0 and a formal XACML semantics. Second, we propose a logic-based XACML analysis framework using Answer Set Programming (ASP). With ASP we model an XACML PDP that loads XACML policies and evaluates XACML requests against these policies.

The expressivity of ASP and the existence of efficient implementations of the answer set semantics provide the means for declarative specification and verification of properties of XACML policies. Overall, we focus into two different area. The first part focuses on the access control language. More specifically our focus is on the understanding XACML 3.0.

The second part focuses on how we use Logic Programming (LP) to model access control policies. We show that there is a relation between XACML and LP through their semantics. We close the thesis by presenting applications in analysing access control properties and a case study. These applications show that these two approaches (AC paradigm and LP paradigm) can be combined together.

We close the thesis by presenting applications in analysing access control properties and a case study. We present access control security policies in a Smart Grid from Smart Meter perspective.

Language: English
Publisher: Technical University of Denmark
Year: 2015
Series: Dtu Compute Phd-2015
Types: PhD Thesis
Keywords

Access Control Policies Answer Set Programming Composition Policies Control Systems IT Security Logic Programming SDG 7 - Affordable and Clean Energy Smart Grid Smart Meter XACML

DTU users get better search results including licensed content and discounts on order fees.

Log in as DTU user

Access

Analysis