Skip to Main content Skip to Navigation
Conference papers

AAL and Static Conflict Detection in Policy

Jean-Claude Royer 1, 2, 3 Anderson Santana de Oliveira 4
2 ASCOLA - Aspect and composition languages
Inria Rennes – Bretagne Atlantique , Département informatique - EMN, LINA - Laboratoire d'Informatique de Nantes Atlantique
Abstract : Security and privacy requirements in ubiquitous systems need a sophisticated policy language with features to express access restrictions and obligations. Ubiquitous systems involve multiple actors owning sensitive data concerning aspects such as location, discrete and continuous time, multiple roles that can be shared among actors or evolve over time. Policy consistency is an important problem in languages supporting these aspects. In this paper we present an abstract language (AAL) to specify most of these security and privacy features and compare it with XACML. We also classified the existing conflict detection mechanisms for XACML in dynamic, testing, or static detection. A thorough analysis of these mechanisms reveals that they have several weaknesses and they are not applicable in our context. We advocate for a classic approach using the notion of logical consistency to detect conflicts in AAL.
Complete list of metadatas
Contributor : Jean-Claude Royer <>
Submitted on : Monday, November 14, 2016 - 1:29:48 PM
Last modification on : Wednesday, January 15, 2020 - 4:52:01 PM



Jean-Claude Royer, Anderson Santana de Oliveira. AAL and Static Conflict Detection in Policy. 15th International Conference on Cryptology and Network Security, Nov 2016, Milan, Italy. pp.362-382, ⟨10.1007/978-3-319-48965-0_22⟩. ⟨hal-01396376⟩



Record views