A comprehensive presentation to XACML

XACML is an XML-based language for access control that has been standardized by OASIS (Organization for the Advancement of Structured Information Standards). XACML describes both an access control policy language that are ABAC and an access control decisions (request/response) language. Although XACML is recognized as a precise and complete policy description method, the structure of an XACML policy is complex and users need to understand XACML well and writes down the verbose policy all by hand, which make XACML difficult to master and use. In this paper, we present a comprehensive description of XACML to support the future research and development work.

[1]  Kai Chen,et al.  An XACML Policy Generating Method Based on Policy View , 2008, 2008 Third International Conference on Pervasive Computing and Applications.

[2]  Azzam Mourad,et al.  Toward an abstract language on top of XACML for web services security , 2011, 2011 International Conference for Internet Technology and Secured Transactions.

[3]  Blake Dournaee,et al.  XML Security , 2002 .

[4]  George Hsieh,et al.  Supporting Secure Embedded Access Control Policy with XACML+XML Security , 2010, 2010 5th International Conference on Future Information Technology.

[5]  Christopher Alm,et al.  Translating High-Level Authorization Constraints to XACML , 2010, 2010 6th World Congress on Services.

[6]  Cataldo Basile,et al.  Modern Standard-based Access Control in Network Services: XACML in action , 2008 .