XACML2mCRL2 : automatic transformation of XACML policies into mCRL2 specifications

Arshad, Hamed and Horne, Ross and Johansen, Christian and Owe, Olaf and Willemse, Tim A.C. (2024) XACML2mCRL2 : automatic transformation of XACML policies into mCRL2 specifications. Science of Computer Programming, 232. 103046. ISSN 0167-6423 (https://doi.org/10.1016/j.scico.2023.103046)

[thumbnail of Arshad-etal-SCP-2023-XACML2mCRL2-automatic-transformation-of-XACML-policies-into-mCRL2-specifications]
Preview
 Text. Filename: Arshad-etal-SCP-2023-XACML2mCRL2-automatic-transformation-of-XACML-policies-into-mCRL2-specifications.pdf
Final Published Version
License: Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 logo
Download (1MB)| Preview

Abstract

The eXtensible Access Control Markup Language (XACML) is a popular OASIS standard for the specification of fine-grained access control policies. However, the standard does not provide a proper solution for the verification of XACML access control policies before their deployment. The first step for the formal verification of XACML policies is to formally specify such policies. Hence, this paper presents XACML2mCRL2, a tool for the automatic translation of XACML access control policies into mCRL2. The mCRL2 specifications generated by our tool can be used for formal verification of important properties of access control policies, such as completeness or inconsistency, using the well-known mCRL2 toolset.

CORE (COnnecting REpositories)