Synonyms
Authorization policy languages
Definition
An access control policy language is a particular set of grammar, syntax rules (logical and mathematical), and operators which provides an abstraction-layer for access control policy specifications. Such languages combine individual rules into a single policy set, which is the basis for (user/subject) authorization decisions on accessing content (object) stored in various information resources. The operators of an access control policy language are used on attributes of the subject, resource (object), and their underlying application framework to facilitate identifying the policy that (most appropriately) applies to a given action.
Historical Background
The evolution of access control policy languages is inline with the evolving large-scale highly distributed information systems and the Internet, which turned the tasks of authorizing and controlling of accessing on a global enterprise (or on Internet) framework increasingly challenging...
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Recommended Reading
Stoupa K, Vakali A. Policies for web security services, chapter III. In: Ferrari E, Thuraisingham B, editors. Web and information security. Hershey: Idea-Group Publishing; 2006.
Vuong NN, Smith GS, Deng Y. Managing security policies in a distributed environment using eXtensible markup language (XML). In: Proceedings of the 16th ACM Symposium on Applied Computing; 2001. p. 405–11.
Alm C, Wolf R, Posegga J. The OPL access control policy language. In: Fischer-H¨ubner S, et al., editors. TrustBus 2009, LNCS 5695. Berlin/Heidelberg: Springer; 2009. p. 138–48.
Bertino E, Castano S, Ferrari E. On specifying security policies for web documents with an XML-based language. In: Proceedings of the 6th ACM Symposium on Access Control Models and Technologies; 2001. p. 57–65.
Bertino E, Castano S, Ferrari E. Securing XML documents with author-X. IEEE Internet Comput. 2001;5(3):21–31.
Damiani E, De Capitani di Vimercati S, Paraboschi S, Samarati P. Design and implementation of an access control processor for XML documents. In: Proceedings of the 9th International World Wide Web Conference; 2000. p. 59–75.
He H, Wong RK. A role-based access control model for XML repositories. In: Proceedings of the 1st International Conference on Web Information Systems Engineering; 2000. p. 138–45.
Stoupa K. Access control techniques in distributed systems and the Internet. Ph.D. Thesis, Aristotle University, Department of Informatics; 2007.
Fong PWL. Relationship-based access control: protection model and policy language. In: Proceedings of the 1st ACM Conference on Data and Application Security and Privacy; 2011. p. 191–202.
Rachapalli J, Khadilkar V, Kantarcioglu M, Thuraisingham B. Redaction based RDF access control language. In: Proceedings of the 19th ACM Symposium on Access Control Models and Technologies; 2014. p. 177–80.
Qi N, Kud M. Access control policy languages in XML, applications and trends. Springer Science+Business Media, LLC; 2008. p. 55–71.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Section Editor information
Rights and permissions
Copyright information
© 2018 Springer Science+Business Media, LLC, part of Springer Nature
About this entry
Cite this entry
Vakali, A. (2018). Access Control Policy Languages. In: Liu, L., Özsu, M.T. (eds) Encyclopedia of Database Systems. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-8265-9_5
Download citation
DOI: https://doi.org/10.1007/978-1-4614-8265-9_5
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-8266-6
Online ISBN: 978-1-4614-8265-9
eBook Packages: Computer ScienceReference Module Computer Science and Engineering