XACBench: a XACML policy benchmark
XACML standard defines a declarative language to determine access control policies which are critical for deploying security solutions. It is important to evaluate the performance of policies defined by XACML, for applications such as policy enforcement efficiency, policy refinement, anomaly detecti...
Gespeichert in:
Veröffentlicht in: | Soft computing (Berlin, Germany) Germany), 2020-11, Vol.24 (21), p.16081-16096 |
---|---|
Hauptverfasser: | , , |
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | XACML standard defines a declarative language to determine access control policies which are critical for deploying security solutions. It is important to evaluate the performance of policies defined by XACML, for applications such as policy enforcement efficiency, policy refinement, anomaly detection, conflict resolution, and policy similarity assessment. Due to security and confidentiality reasons, at hands policy sets for such evaluations are very rare. Moreover, these policy sets are created gradually, thus access to large and effective policy sets in a short time is challenging and daunting task. In this paper, we present XACBench, a suite of tools for both generating synthetic XACML policies and benchmarking the policy evaluation algorithms. To this end, XACBench first extracts, models and generalizes some statistical properties of an input policy which is called policy profile. Such profile helps generating policies in a way that accurately simulates the statistic properties of the input policy. XACBench then generates synthetic policies of any desired length based on the profile. It also provides a simple mechanism for controlling the correlation between the generated policies and the input policy with respect to the extracted policy profile. Experimental results demonstrate that our approach is efficient and scalable to various policy lengths as well as input policies. |
---|---|
ISSN: | 1432-7643 1433-7479 |
DOI: | 10.1007/s00500-020-04925-5 |