A Rewriting System for the Assessment of XACML Policies Relationship (1605.05887v3)

Abstract: We propose in this paper a new approach to assess the relationship between XACML policies. Our approach spans over three steps. In the first one, the XACML policies are mapped to terms of a boolean ring while taking into account XACML policy and rule combining algorithms. In the second step, the relationship problem between XACML policies is transformed into a validity problem in a boolean ring. In the third step, the validity problem is resolved using a dedicated rewriting system. The convergence of the rewriting system is proved in this paper. Moreover, the approach is implemented and its performance is evaluated. The results show that our approach enjoys better performance and memory cost than the best so far published SMT based approach.