Margrave is a PLT Scheme API for use in analyzing access-control policies written in a subset of XACML.
Margrave provides functions to answer queries about one policy or about the relationship of two policies. This provides a means to perform:
- verification of properties about an policy (e.g., "Does the policy permit all admins access to the log?")
- elucidation of a policy (e.g., "Who is permitted access to the log?"),
- change impact analysis between two policies (e.g. "What changed between Policy1 and Policy2?"), and
- verification and elucidation of a comparison of two policies (e.g. "Do all the changes between Policy1 and Policy2 involve the log? If not, what else changed?").
An access-control policy states which entities has access to
perform which actions on which resources. XACML provides a language to
specify an access control policy using an XML syntax. A policy in
XAMCL is made of <Rule>
,
<Policy>
, and <PolicySet>
elements, all of which Margrave supports. (For information about which
parts of XACML Margrave does and does not support, click here .)
The Margrave API provides a function to parse a policy written in XACML. Margrave can then be used to ask queries about the given policy. Margrave can also load in more than one policy and queries can be asked about the relationships between two policies. This can be used to perform change-impact analysis. Rather than providing a query language, Margrave provides a set of Scheme functions that can be composed to construct queries. This allows the full power of Scheme to be used by mixing Scheme functions with Margrave functions.
Readers of Verification and Change-Impact Analysis of Access-Control Policies should look at the old website for the examples discussed in the paper. That paper only discusses the functionality of Margrave version 1.
Please note that Margrave is not for verification of the correctness of the syntax of an XACML file. Please use one the tools listed here for that before using Margrave. The behavior of Margrave on XACML files with syntax errors is unknown.