Formalizing XACML Using Defeasible Description Logics
نویسندگان
چکیده
XACML has emerged as a popular access control language on the Web, but because of its rich expressiveness, it has proved difficult to analyze in an automated fashion. Previous attempts to analyze XACML policies either use propositional logic or full First-Order logic. In this paper, we present a formalization of XACML using Description Logics (DL) . This formalization allows us to extend the subset of XACML supported by propositional logic-based analysis tools, and in addition we provide a new analysis service (policy redundancy).In addition, mapping XACML to description logics allows us to use off-the-shelf DL reasoners for XACML analysis tasks such as policy comparison, policy verification and querying. We provide empirical evaluation of a policy analysis tool that was implemented on top of open source reasoner Pellet.
منابع مشابه
A Neo-Topological Approach to Reasoning on Ontologies with Exceptions and Comparison with Defeasible Description Logics
This article compares Defeasible Description Logics (DDL) and Topological Approach to reason on Ontologies with exceptions. DDL is integration between Description Logics and Defeasible Logics to deal with monotonic and non-monotonic parts of the knowledge bases respectively. Topological approach tries to reason on inconsistent knowledge bases using the conventional topological operators e.g., i...
متن کاملTowards Practical Defeasible Reasoning for Description Logics
The formalisation of defeasible reasoning in automated systems is becoming increasingly important. Description Logics (DLs) are nowadays the main logical formalism in the field of formal ontologies. Our focus in this paper is to devise a practical implementation for prior work that formalises a version of Rational Closure (an important type of defeasible reasoning) for DLs. We show that the con...
متن کاملDefeasible Description Logics
We propose to extend description logic with defeasible rules, and to use the inferential mechanism of defeasible logic to reason with description logic constructors.
متن کاملMaking Quantification Relevant Again
Defeasible Description Logics (DDLs) extend Description Logics with defeasible concept inclusions. Reasoning in DDLs often employs rational or relevant closure according to the (propositional) KLM postulates. If in DDLs with quantification a defeasible subsumption relationship holds between concepts, this relationship might also hold if these concepts appear in existential restrictions. Such ne...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006