Download PDFOpen PDF in browserXACML Implementation Based on Graph Databases10 pages•Published: March 13, 2019AbstractExtensible Access Control Markup Language (XACML) is an OASIS standard for security policy specification. It consists of a policy language to define security authorizations and an access control decision language for requests and responses. The high-level policy specification is independent of underlying implementation. Different from existing approaches, this research uses a graph database for XACML implementation. Once a policy is specified, it will be parsed and the parsing results will be processed by eliminating duplicates and resolving conflicts. The final results are saved as graphs in the persistent storage. When a XACML request is submitted, the request is processed as a query to the graph database. Based on this query result, a XACML response will be produced to permit or deny the user’s request. This paper describes the architecture, implementation details, and conflict resolution strategies of our system to implement XACML.Keyphrases: conflict resolution, eXtensible Access Control Markup Language, Graph Database System In: Gordon Lee and Ying Jin (editors). Proceedings of 34th International Conference on Computers and Their Applications, vol 58, pages 65--74
|
