Visualization for Access Control Policy Analysis Results Using Multi-level Grids


The rapid increase in deployment of policy-based access control systems faces security administrators with the daunting task of managing a large number of complex access control policies. Several policy analysis types, (e.g., policy similarity, policy conflict and change-impact) have been proposed to help administrators maintain consistent and conflict-free policy repositories. However, there has not been much focus on the presentation and the ensuing interpretation of the results of such analyses, which greatly undermines the usability factor. In this paper, we present a novel multi-level grid-based technique for visualizing results of policy analysis. We implemented this technique, and we present a sample policy similarity analysis scenario that highlights the advantages of the proposed result visualization method.


Access Control, Policy Visualization, XACML

Date of this Version



2009 IEEE International Symposium on Policies for Distributed Systems and Networks, London, UK July 20-July 22