An algebra for integration and analysis of Ponder2 policies

Abstract

Traditional policies often focus on access control requirement and there have been several proposals to define access control policy algebras to handle their compositions. Recently, obligations are increasingly being expressed as part of security policies. However, the compositions and interactions between these two have not yet been studied adequately. In this paper, we propose an algebra capturing both authorization and obligation policies. The algebra consists of two policy constants and six basic operations. It provides language independent mechanisms to manage policies. As a concrete example, we instantiate the algebra for the Ponder2 policy language. © 2008 IEEE.