Using XACML for Embedded and Fine-Grained Access Control Policy

XACML (eXtensible Access Control Markup Language) is an access control policy language standardized by the OASIS (Organization for Advancement of Structured Information Standards). We have extended the standard XACML languages and processing models to allow the access control policies be embedded with digital content in the same XACML-like document. The original content can be further divided into multiple parts, each of which is encapsulated by its own XACML. statements that specify the access control policy specific to this part, such that different policies can be applied to and enforced for different parts of the digital content. These embedded and fine-grained access control policy capabilities can be used to facilitate the protection, management and sharing of information no matter where the information resides. We have also developed an initial prototype of this XACML based mechanism for proof-of-concept purpose.