Formal specification and integration of distributed security policies

摘要

We propose in this paper the Security Policy Language (SePL), which is a formal language for capturing and integrating distributed security policies. The syntax of SePL includes several operators for the integration of policies and it is endowed with a denotational semantics that is a generic semantics, i.e., which is independent of any evaluation environment. We prove the completeness of SePL with respect to set theory. Furthermore, we provide a formalization of a large subset of the extensible Access Control Markup Language (XACML), which is the well-known standard informal specification language of Web security policies. We also provide a semantics for XACML policy combining algorithms. (C) 2016 Elsevier Ltd. All rights reserved.