A tool for access control policy validation

Muhammad Aqib, Riaz Ahmed Shaikh

Research output: Contribution to journalArticlepeer-review

4 Citations (Scopus)


Inconsistency in access control policies exists when at least two rules present in the policy set lead to the contradictory decisions. It makes difficult for the system to decide which rule is applicable to the current scenario and hence make the system vulnerable to the unauthorized use. Various inconsistency detection methods have been proposed by researchers. However, those suffered from various limitations e.g., inefficient handling of numeric attributes, Boolean expressions etc. In this article, we propose a new algorithm that detects the inconsistencies in the policies using decision trees. For a proof of concept, we have developed a software tool that proves its effectiveness. Also, complexity analysis and qualitative comparison of the proposed algorithm is presented in the paper.

Original languageEnglish
Pages (from-to)157-166
Number of pages10
JournalJournal of Internet Technology
Issue number1
Publication statusPublished - 2018


  • Access control
  • Inconsistency
  • Policy validation
  • Security
  • XML

Cite this