Extensible access control markup language integrated with Semantic Web technologies

Abstract

The eXtensible Access Control Markup Language (XACML) is a standard language for expressing access control policies. The concept of authorization policy has been introduced in XACML-based Web security systems to reduce policy conflicts, enhance policy reusability, simplify policy analysis, and facilitate interoperability. Achieving these goals requires intelligent dynamic authorization. Unfortunately, conventional XACML lacks the computer interpretability needed to support knowledge representation. This study addresses the issue by defining a Multi-layer Semantic XACML Framework (MSACF) for integrating Semantic Web technologies in XACML. Based on the MSACF, this study also develops LAPAR, an intelligent XACML shell consisting of an Ontology Base, an XML-Based Repository, and an Inference Engine to enable different approaches for enhancing knowledge representations. The feasibility of LAPAR is confirmed in a prototype java-based implementation that can be associated with various domain ontologies and knowledge to enable dynamic authorization for different security applications.