# An Algebra for Fine-Grained Integration of XACML Policies

Collaborative and distributed applications, such as dynamic coalitions
and virtualized grid computing, often require integrating access
control policies of collaborating parties. Such an integration
must be able to support complex authorization specifications and
the fine-grained integration requirements that the various parties
may have. In this paper, we introduce an algebra for fine-grained
integration of sophisticated policies. The algebra, which consists
of three binary and two unary operations, is able to support the
specification of a large variety of integration constraints. To assess
the expressive power of our algebra, we introduce a notion of
completeness and prove that our algebra is complete with respect
to this notion. We then propose a framework that uses the algebra
for the fine-grained integration of policies expressed in XACML.
We also present a methodology for generating the actual integrated
XACML policy, based on the notion of Multi-Terminal Binary Decision
Diagrams.

Date: June 30, 2009

Type: Article

Edition: 14th

Chapter: ACM

Publisher: Symposium on Access control models and technologies (SACMAT 2009),

Address: Stresa, Italy

Downloads: 663

## Has 1 soft copy

size 517466 bytes ## Bibtex

@Article{An_Algebra_for_Fine_Grained_Integration_,

author = "Jorge Lobo and Ninghui Li and Elisa Bertino and Dan Lin and Prathima Rao",

title = "{An Algebra for Fine-Grained Integration of XACML Policies}",

month = "June",

year = "2009",

edition = "14th",

chapter = "ACM",

address = ", Stresa, Italy",

publisher = "Symposium on Access control models and technologies (SACMAT 2009),",

}