Affiliation:
1. New H3C Technologies Co. Ltd., China
2. IMT Atlantique, France
Abstract
Along with the rapid development of ICT technologies, new areas like Industry 4.0, IoT, and 5G have emerged and brought out the need for protecting shared resources and services under time-critical and energy-constrained scenarios with real-time policy-based access control. To achieve this, the policy language needs to be very expressive but lightweight and efficient. These challenges are investigated and a set of key requirements for such a policy language is identified. JACPoL is accordingly introduced as a descriptive, scalable, and expressive policy language in JSON. JACPoL by design provides a flexible and fine-grained ABAC style (attribute-based access control) while it can be easily tailored to express other access control models. The design and implementation of JACPoL are illustrated together with its evaluation in comparison with other existing policy languages. The result shows that JACPoL can be as expressive as existing ones but more simple, scalable, and efficient. The performance evaluation shows that JACPoL requires much less processing time and memory space than XACML.
Reference34 articles.
1. W3schools. (n.d.). JSON vs XML. Retrieved from www.w3schools.com/js/js_json_xml.asp
2. Amazon Web Services. (n.d.). AWS Identity and Access Management(IAM) User Guide. Retrieved from http://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html
3. X-GTRBAC: An XML-based policy specification framework and architecture for enterprise-wide access control.;R.Bhatti;ACM Transactions on Information and System Security,2005
4. Borders, K., Zhao, X., & Prakash, A. (2005). CPOL: High-performance policy evaluation. The 12th ACM conference on Computer and communications security.