Conformance Testing of Balana: An Open Source Implementation of the XACML3.0 Standard

Authors

Sung-Ju Fan Chiang, Boise State University
Daniel W. Chen, University of Chicago
Dianxiang Xu, Boise State UniversityFollow

Document Type

Conference Proceeding

Publication Date

2016

DOI

https://doi.org/10.18293/SEKE2016-082

Abstract

As a new generation access control method, Attribute-Based Access Control (ABAC) has gained increasing attention. Currently, Balana is the only open-source implementations of XACML 3.0, which is an OASIS standard for specifying ABAC. Considering that XACML is much more complex than traditional access control models, conformance testing of any XACML implementation is an important problem. Using a non-conformance implementation may lead to misunderstanding of access decisions or even security violations. This paper presents an approach to conformance testing of Balana, focusing on the main elements of the XACML3.0 language, such as targets, rules, policies, and policy sets. In particular, we have thoroughly tested the key rule combining algorithms in policies and policy combining algorithms in policy sets. This has revealed several conformance issues.

Publication Information

Fan Chiang, Sung-Ju; Chen, Daniel W.; and Xu, Dianxiang. (2016). "Conformance Testing of Balana: An Open Source Implementation of the XACML3.0 Standard". Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE, .