Abstract
Extensible Access Control Markup Language (XACML) is an access control policy language and a processing model that evaluates access requests according to the rules defined in policies. XACML is widely used to decouple client applications from access decisions. Although users can hardcode access decisions and resource-handling permissions, such changes are reflected only locally. This results in consistency issues when multiple client systems need to use the modified access decisions defined in the policies rather than the original, unchanged policies. To handle resources efficiently and dynamically on the fly, this project provides an extension to XACML. We enhance an existing language specification for incorporating active rules into XACML-based policies, which was previously implemented using XACML 2.0 as part of an earlier Master's project. The enhancement includes the design of an XACML 3.0-based policy system, in lieu of the XACML 2.0-based implementation, to take advantage of the many benefits of XACML 3.0. The project also includes active rules for the execution of temporal events, and an upgraded middleware system prototype that acts as a parser and an event handler to facilitate rule retrieval and execution. The designed system incorporates active rules in policies implemented in XML, together with a language model that provides a parser that understands the XACML 3.0 language specification and an event handler that handles the rules defined in the policies and processes requests according to them. The system consists of two interfaces: one for handling active rules and temporal rules, and another for handling user queries such as insert, delete and replace operations and for scheduling temporal event operations. This XACML 3.0-based policy system will have high-precision policy control and will provide dynamic integrity constraint management.