EXAM: An environment for access control policy analysis and management

Abstract

As distributed collaborative applications and architectures are adopting policy-based solutions for tasks such as access control, network security and data privacy, the management and consolidation of a large number of policies is becoming a crucial component of such solutions. In large-scale distributed collaborative applications like web services, there is need for analyzing policy interaction and performing policy integration. In this demonstration, we present EXAM, a comprehensive environment for policy analysis and management, which can be used to perform a variety of functions such as policy property analyses, policy similarity analysis, policy integration. Our work focuses on analysis of access control policies written in XACML (Extensible Access Control Markup Language) [5]. We consider XACML policies because XACML is a rich language able to represent many policies of interest to real world applications and is gaining widespread adoption in the industry. © 2008 IEEE.