Abstract
In this paper we evaluate experimentally the performance of JACPoL, a previously introduced JSON-based access control policy language. The results show that JACPoL requires much less processing time and memory space than XACML by testing generic families of policies expressed in both languages.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Clarkson, M.R., Schneider, F.B.: Hyperproperties. J. Comput. Secur. 18, 1157–1210 (2010)
Yavatkar, R., Pendarakis, D., Guerin, R.: A Framework for Policy-based Admission Control. IETF, RFC 2753, January 2000
Borders, K., Zhao, X., Prakash, A.: CPOL: high-performance policy evaluation. In: The 12th ACM Conference on Computer and Communications Security. ACM (2005)
Ashley, P., Hada, S., Karjoth, G., Powers, C., Schunter, M.: Enterprise privacy authorization language (EPAL). IBM Research, March 2003
Bhatti, R., Ghafoor, A., Bertino, E., Joshi, J.B.: X-GTRBAC: an XML-based policy specification framework and architecture for enterprise-wide access control. ACM Trans. Inf. Syst. Secur. (TISSEC) 8(2), 187–227 (2005)
OASIS XACML Technical Committee: eXtensible access control markup language (XACML) Version 3.0. Oasis Standard, OASIS (2013). http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html. Last accessed 17 May 2017
Crampton, J., Morisset, C.: PTaCL: a language for attribute-based access control in open systems. In: Degano, P., Guttman, J.D. (eds.) POST 2012. LNCS, vol. 7215, pp. 390–409. Springer, Heidelberg (2012). doi:10.1007/978-3-642-28641-4_21
Crockford, D.: JSON — The fat-free alternative to XML (vol. 2006). http://www.json.org/fatfree.html. Last accessed 17 May 2017
El-Aziz, A.A., Kannan, A.: JSON encryption. In: 2014 International Conference on Computer Communication and Informatics (ICCCI). IEEE (2014)
Griffin, L., Butler, B., de Leastar, E., Jennings, B., Botvich, D.: On the performance of access control policy evaluation. In: 2012 IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY), pp. 25–32. IEEE (2012)
W3schools: JSON vs. XML. www.w3schools.com/js/js_json_xml.asp. Last accessed 24 May 2017
Brossard, D.: JSON Profile of XACML 3.0 Version 1.0. XACML Committee Specification 01, 11 December 2014. http://docs.oasis-open.org/xacml/xacml-json-http/v1.0/cs01/xacml-json-http-v1.0-cs01.pdf. Last accessed 26 May 2017
Steven, D., Bernard, B., Leigh, G.: JSON-encoded ABAC (XACML) policies. FAME project of Waterford Institute of Technology. Presentation to OASIS XACML TC concerning JSON-encoded XACML policies, 30 May 2013
Amazon Web Services: AWS Identity and Access Management (IAM) User Guide. http://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html. Last accessed 27 May 2017
Jiang, H., Bouabdallah, A.: JACPoL: a simple but expressive JSON-based access control policy language. In: The 11th WISTP International Conference on Information Security Theory and Practice (WISTP 2017), 28–29 September 2017, Heraklion, Crete, Greece. Springer (2017, to appear)
ECMA International: ECMA-404 The JSON Data Interchange Standard. http://www.json.org/. Last accessed 27 May 2017
Ferraiolo, D.F., Kuhn, D.R.: Role-based Access Controls, 12 March 2009. arXiv preprint: arXiv:0903.2171
Obrsta, L., McCandlessb, D., Ferrella, D.: Fast semantic attribute-role-based access control (ARBAC) in a collaborative environment. In: 2012 8th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Pittsburgh, PA, USA, 14–17 October 2012
Jin, X., Sandhu, R., Krishnan, R.: RABAC: role-centric attribute-based access control. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 84–96. Springer, Heidelberg (2012). doi:10.1007/978-3-642-33704-8_8
David, F., et al.: Extensible access control markup language (XACML) and next generation access control (NGAC). In: Proceedings of the 2016 ACM International Workshop on Attribute Based Access Control. ACM (2016)
Acknowledgement
We acknowledge the reviewers of C&TC’17 for their constructive comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Jiang, H., Bouabdallah, A. (2017). Towards a JSON-Based Fast Policy Evaluation Framework. In: Panetto, H., et al. On the Move to Meaningful Internet Systems. OTM 2017 Conferences. OTM 2017. Lecture Notes in Computer Science(), vol 10574. Springer, Cham. https://doi.org/10.1007/978-3-319-69459-7_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-69459-7_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69458-0
Online ISBN: 978-3-319-69459-7
eBook Packages: Computer ScienceComputer Science (R0)