XML Access Control: Mapping XACML Policies to Relational Database Tables

Although eXtensible Access Control Markup Language (XACML) is recognized as a precise and a complete policy description language, the structure of the current XACML policy is complex. Hence, users need to understand XACML well and write down the securing policy all by hand, which make it difficult to master and use. On the other hand, RDBMS is easy and simple to use by all users and allows hiding the difficulties of XACML by storing XACML policies and rules in relational tables. Hence, it will be easy for users to use and understand the XACML policies and rules. In this paper, we propose a new mapping technique to map XACML policies and rules into relational rules and store them in tables to ease the access control of the XML documents. The implementation of the proposed technique demonstrates a significant access decision time.