With the increasing complexity of software, new access control methods have emerged to deal with attribute-based authorization. As a standard language for specifying attribute-based access control policies, XACML offers a number of rule and policy combining algorithms to meet different needs of policy composition. Due to their variety and complexity, however, it is not uncommon to apply combining algorithms incorrectly, which can lead to unauthorized access or denial of service. To solve this problem, this paper presents a fault-based testing approach for revealing incorrect combining algorithms in XACML 3.0 policies. The theoretical foundation of this approach relies on the formalization of semantic differences between rule combining algor...
\u3cp\u3eThe eXtensible Access Control Markup Language (XACML) has attracted significant attention f...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
With the increasing complexity of software, new access control methods have emerged to deal with att...
With the increasing complexity of software, new access control methods have emerged to deal with att...
XACML is a standard language for specifying attribute-based access control policies of computer and ...
With the continually increasing complexity of software and an increasing need for secure software th...
The goal of this thesis is to find provably correct methods for detecting conflicts between XACML ru...
While the standard language XACML is very expressive for specifying fine-grained access control poli...
Access control policies written in the XACML standard language tend to be complex due to the great v...
Abstract. Web-based software systems are increasingly used for accessing and manipulating sensitive ...
As a new generation access control method, Attribute-Based Access Control (ABAC) has gained increasi...
Abstract—Emerging computing technologies such as Web services, service-oriented architecture, and cl...
With lot of hype surrounding policy-based computing, XACML (eXtensible Access Control Markup Languag...
XACML is the OASIS standard language for the specification of authorization and entitlement policies...
\u3cp\u3eThe eXtensible Access Control Markup Language (XACML) has attracted significant attention f...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
With the increasing complexity of software, new access control methods have emerged to deal with att...
With the increasing complexity of software, new access control methods have emerged to deal with att...
XACML is a standard language for specifying attribute-based access control policies of computer and ...
With the continually increasing complexity of software and an increasing need for secure software th...
The goal of this thesis is to find provably correct methods for detecting conflicts between XACML ru...
While the standard language XACML is very expressive for specifying fine-grained access control poli...
Access control policies written in the XACML standard language tend to be complex due to the great v...
Abstract. Web-based software systems are increasingly used for accessing and manipulating sensitive ...
As a new generation access control method, Attribute-Based Access Control (ABAC) has gained increasi...
Abstract—Emerging computing technologies such as Web services, service-oriented architecture, and cl...
With lot of hype surrounding policy-based computing, XACML (eXtensible Access Control Markup Languag...
XACML is the OASIS standard language for the specification of authorization and entitlement policies...
\u3cp\u3eThe eXtensible Access Control Markup Language (XACML) has attracted significant attention f...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...
Many access control policy languages, e.g., XACML, allow a policy to contain multiple sub-policies, ...