JACPoL: A Simple but Expressive JSON-based Access Control Policy Language - Information Security Theory and Practice Access content directly
Conference Papers Year : 2018

JACPoL: A Simple but Expressive JSON-based Access Control Policy Language


Along with the rapid development of ICT technologies, new areas like Industry 4.0, IoT and 5G have emerged and brought out the need for protecting shared resources and services under time-critical and energy-constrained scenarios with real-time policy-based access control. The process of policy evaluation under these circumstances must be executed within an unobservable delay and strictly comply with security objectives. To achieve this, the policy language needs to be very expressive but lightweight and efficient. Many existing implementations are using XML (Extensible Markup Language) to encode policies, which is verbose, inefficient to parse, and not readable by humans. On the contrary, JSON (JavaScript Object Notation) is a lightweight, text-based and language-independent data-interchange format that is simple for humans to read and write and easy for machines to parse and generate. Several attempts have emerged to convert existing XML policies and requests into JSON, however, there are very few policy specification proposals that are based on JSON with well-defined syntax and semantics. This paper investigates these challenges, and identifies a set of key requirements for a policy language to optimize the policy evaluation performance. According to these performance requirements, we introduce JACPoL, a descriptive, scalable and expressive policy language in JSON. JACPoL by design provides a flexible and fine-grained ABAC (Attribute-based Access Control), and meanwhile it can be easily tailored to express a broad range of other access control models. This paper systematically illustrates the design and implementation of JACPoL and evaluates it in comparison with other existing policy languages. The result shows that JACPoL can be as expressive as existing ones but more simple, scalable and efficient.
Fichier principal
Vignette du fichier
469589_1_En_4_Chapter.pdf (1.37 Mo) Télécharger le fichier
Origin Files produced by the author(s)

Dates and versions

hal-01802720 , version 1 (17-09-2018)



Hao Jiang, Ahmed Bouabdallah. JACPoL: A Simple but Expressive JSON-based Access Control Policy Language. WISTP 2017 : 11th IFIP International Conference on Information Security Theory and Practice, Sep 2017, Heraklion, Crete, Greece. pp.56-72, ⟨10.1007/978-3-319-93524-9_4⟩. ⟨hal-01802720⟩
710 View
233 Download



Gmail Mastodon Facebook X LinkedIn More