EXAM: a comprehensive environment for the analysis of access control policies


As distributed collaborative applications and architectures are adopting policy-based solutions for tasks such as access control, network security and data privacy, the management and consolidation of a large number of policies is becoming a crucial component of such solutions. In large-scale distributed collaborative applications like web services, there is need for analyzing policy interaction and performing policy integration. In this demonstration, we present EXAM, a comprehensive environment for policy analysis and management, which can be used to perform a variety of functions such as policy property analyses, policy similarity analysis, policy integration.Our work focuses on analysis of access control policies written in XACML (Extensible Access Control Markup Language). We consider XACML policies because XACML is a rich language able to represent many policies of interest to real world applications and is gaining widespread adoption in the industry.


XACML, Policy Analysis

Date of this Version



2008 IEEE Workshop on Policies for Distributed Systems and Networks June 02-June 04