Title | ||
---|---|---|
An Extension of XACML to Improve the Performance of Decision Making Processes When Dealing with Stable Conditions |
Abstract | ||
---|---|---|
XACML (eXtensible Access Control Markup Language) is an XML-based language for access control that has been standardized by OASIS. In this language, any entities involved in access control (i.e. users, resources, actions and environment) are specified by a set of attributes. This specification also includes the description of an architecture that explains how the policy decision point (PDP) retrieves the needed attributes values when it evaluates the policy to take its authorization decision. In this paper, we show that retrieving attributes values using a synchronous method as it is stated in XACML specification can be a bottleneck to the performance of the authorization decision making process. Especially, it is true when getting an attribute value is long and when the changing of this value doesn't impact the policy result frequently. Thus, we propose an improvement of the XACML architecture. It uses an asynchronous approach that accelerates the decision making process when PDP deals with expressions that include such attributes. Experimental results prove the performance is improved. |
Year | DOI | Venue |
---|---|---|
2008 | 10.1007/978-3-540-88708-9_2 | Communications in Computer and Information Science |
Keywords | Field | DocType |
XACML,Policy based Management,Access Control | Asynchronous communication,Bottleneck,XML,Policy-based management,Computer science,XACML,Access control,Database,Decision-making,Markup language | Conference |
Volume | ISSN | Citations |
18 | 1865-0929 | 1 |
PageRank | References | Authors |
0.38 | 10 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Romain Laborde | 1 | 162 | 28.88 |
Thierry Desprats | 2 | 71 | 16.66 |