HETEROGENEITY XACML POLICY EVALUATION ENGINE

The first and foremost challenge in establishing a policy evaluation engine is the conflict-free distributed policy evaluation process that governs all the information and resource exchange in distributed environment. However, most of the researcher efforts in policy evaluation have been devoted to the topic of efficiency. While efficiency is an important issue, the effectiveness of policy evaluation may be limited if the resulting systems are not implemented correctly. To tackle the effectiveness, we demonstrate that heterogeneity conflicts are among the issues that should be addressed in distributed policy evaluation. To the best of our knowledge, heterogeneity issue has not been taken into account by existing policy evaluation engines. Current policy evaluation engines only utilized simple string-based methods during the policy evaluation process. However, each organization manages its own vocabulary of policies to serve their particular authority principle concern. Thus, we cannot expect that policies belonging to different organizations are based on the same vocabulary. Therefore, unique name assumption is not able to solve heterogeneity issue. We proposed an effective heterogeneity XACML policy evaluation engine called HXPEngine to detect and resolve heterogeneity conflicts. The comparison with existing engines is conducted, and findings show that HXPEngine is more effective than the previous evaluation engine.