While the standard language XACML is very expressive for specifying fine-grained access control policies, defects can get into XACML policies for various reasons, such as misunderstanding of access control requirements, omissions, and coding errors. These defects may result in unauthorized accesses, escalation of privileges, and denial of service. Therefore, quality assurance of XACML policies for real-world information systems has become an important issue. To address this issue, this paper presents a family of coverage criteria for XACML policies, such as rule coverage, rule pair coverage, decision coverage, and Modified Condition/Decision Coverage (MC/DC). To demonstrate the assurance levels of these coverage criteria, we have developed ...
Access control policies in distributed systems, particularly implemented in the XACML standard langu...
With lot of hype surrounding policy-based computing, XACML (eXtensible Access Control Markup Languag...
This paper presents XPA (XACML Policy Analyzer), an open source IDE (Integrated Development Environm...
While the standard language XACML is very expressive for specifying fine-grained access control poli...
With the continually increasing complexity of software and an increasing need for secure software th...
XACML is the de facto standard for implementing access control policies. Testing the correctness of ...
Access control policies written in the XACML standard language tend to be complex due to the great v...
There exist various testing methods for XACML policies which vary in their overall fault detection a...
With the increasing complexity of software, new access control methods have emerged to deal with att...
With the increasing complexity of software, new access control methods have emerged to deal with att...
Security services are provided through: The applications, operating systems, databases, and the netw...
Abstract. Web-based software systems are increasingly used for accessing and manipulating sensitive ...
Context: In modern pervasive applications, it is important to validate access control mechanisms tha...
Many Web applications enhance their security via access-control systems. XACML is a standardized pol...
In access control systems, aimed at regulating the accesses to protected data and resources, a criti...
Access control policies in distributed systems, particularly implemented in the XACML standard langu...
With lot of hype surrounding policy-based computing, XACML (eXtensible Access Control Markup Languag...
This paper presents XPA (XACML Policy Analyzer), an open source IDE (Integrated Development Environm...
While the standard language XACML is very expressive for specifying fine-grained access control poli...
With the continually increasing complexity of software and an increasing need for secure software th...
XACML is the de facto standard for implementing access control policies. Testing the correctness of ...
Access control policies written in the XACML standard language tend to be complex due to the great v...
There exist various testing methods for XACML policies which vary in their overall fault detection a...
With the increasing complexity of software, new access control methods have emerged to deal with att...
With the increasing complexity of software, new access control methods have emerged to deal with att...
Security services are provided through: The applications, operating systems, databases, and the netw...
Abstract. Web-based software systems are increasingly used for accessing and manipulating sensitive ...
Context: In modern pervasive applications, it is important to validate access control mechanisms tha...
Many Web applications enhance their security via access-control systems. XACML is a standardized pol...
In access control systems, aimed at regulating the accesses to protected data and resources, a criti...
Access control policies in distributed systems, particularly implemented in the XACML standard langu...
With lot of hype surrounding policy-based computing, XACML (eXtensible Access Control Markup Languag...
This paper presents XPA (XACML Policy Analyzer), an open source IDE (Integrated Development Environm...