Performance evaluation of XACML PDP implementations
暂无分享,去创建一个
eXtensible Access Control Markup Language (XACML), an OASIS standard, is the most widely used policy specifica- tion language for access control. Its simplicity in syntax and strength in coverage makes it suitable for diverse en- vironments such as Service Oriented Architectures (SOAs) and P2P systems. There are different implementations of XACML available. Some of these implementations are open source and some others are proprietary. In this work we intended to shed some lights to the performance issues of XACML engines. We tested 3 open source XACML implementations with different policy/request settings. Our experiments revealed some important points to be taken into consideration when deploying an XACML based access control system. Besides, our results can be used as hints by policy writers and system developers for deploying efficient authorization services.
[1] Tao Xie,et al. Multiple-implementation testing for XACML implementations , 2008, TAV-WEB '08.
[2] Tao Xie,et al. Xengine: a fast and scalable XACML policy evaluation engine , 2008, SIGMETRICS '08.
[3] Elisa Bertino,et al. P-Hera: scalable fine-grained access control for P2P infrastructures , 2005, 11th International Conference on Parallel and Distributed Systems (ICPADS'05).
[4] Jorge Lobo,et al. An approach to evaluate policy similarity , 2007, SACMAT '07.