SchemeDocs for the API. This provides a list of the functions needed to write queries.
The Tutorial provides a step by step introduction to Margrave.

Using Margrave

First you must set DrScheme to the right language level: case sensitive Pretty Big. After starting DrScheme go to the "Language" menu and select the "Choose Language..." option. A window will open. If details are not shown click the "Show Details" button (lower left). In the left side of the window under the tab "PLT", select the language "Pretty Big" (you might have to expand the tab). In the right side of the window, check the box "Case sensitive" under the heading "Input Syntax" to turn case sensitivity on. Note that you will have to write your code using case-sensitive names.

To use Margrave in a Scheme file, include at the top of the Scheme file the command (require "<path>/Margrave/anaysis/margrave.scm") where <path> is the path to where you installed Margrave.

To load just one XACML policy, use the command (load-xacml-policy <file>) where <file> is the location of the file holding the base XACML policy. If the policy has only one file, then that file is the base one. Otherwise, it is the top-most one.

To load more than one policy, use either load-xacml-policies or let-xacml-policies. The first returns a list of all loaded policies, in the same order as the file names passed in. The second is a binding form much like let. For example, both pieces of code given below load two policies and bind them to identifiers with the same names as their file names:

(define policies (load-xacml-policies "policyA.xml" "policyB.xml"))
(define policyA (first policies))
(define policyB (second policies))
(let-xacml-policies ([policyA "policyA.xml"]
                     [policyB "policyB.xml"])
  ...)

The second way is easier to read, but one may then use the identifiers policyA and policyB only inside the body of the let-xacml-policies statement (where the ... is). (You also should not, from inside the body of the statement, remove the data to which these identifiers are bound by, for example, using set!.)

In one program execution, you can use no more than one load-xacml-policy call, or no more than one load-xacml-policies call, or any number of let-xacml-policies statements, but only one of these three forms. Do not mix them.

Once you have loaded the XACML policies, you can use the Margrave API and all of Scheme to ask queries about these policies. Do not execute queries until after loading all the policies. Documentation of individual functions in the Margrave API can be found in the SchemeDocs.

XACML

XACML (the eXtensible Access Control Markup Language) is an OASIS standard. Documentation can be found here. The version of XACML for which Margrave 2 was built is the 2.0 standard specification. As documented below, Margrave supports only a subset of this version of XACML. Note that this subset has changed from XACML 1.0 to XACML 2.0, so Margrave 2 will not work with XACML 1.0.

The Supported Subset of XACML

Margrave can handle the core of XACML that deals strictly with role-based access control and checking for the equality of attribute values. This includes the <Rule>, <Policy>, and <PolicySet> elements and many of the features of the <Target> and <Condition> elements found within them. Margrave also supports the following rule/policy combining algorithms:

Margrave does not support the ability to do data reasoning within a policy. This includes not supporting the <Condition> element found within the <Rule> element. Since the <Function> element can only be found within the <Condition> element, <Function> is also not supported.

Margrave also presumes that all values for the MatchID attribute of the <SubjectMatch>, <ResourceMatch>, <ActionMatch>, and <Environment> elements imply string-equality testing. Although this implies that, for example, a target matching only requests with an ID number greater than 10 cannot be written in the obvious way using the greater-than MatchID, one can still express this policy by giving the Subject an attribute "has-id-greater-than-10" and checking whether that attribute is set to "true". This further implies that non-string attribute values are supported only if string equality is sufficient to compare them. Since all attribute values are treated as strings, the Margrave parser does not even parse the DataType attribute of the AttributeDesignator elements.
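As an added example (not code from the Margrave project or its documentation), the following Python script makes the consequence of that string-equality assumption concrete. It evaluates one constructed XACML 2.0 policy twice: once the way Margrave reads every MatchId (plain string comparison, DataType ignored) and once with the integer comparison function a deployed PDP would actually apply, and it reports the requests on which the two disagree. The policy, the attribute names employee-id and has-id-greater-than-10, and the requests are all constructed for this example; the evaluator models only the first-applicable rule-combining algorithm and treats a missing attribute as a non-match, both of which are simplifying assumptions of this example rather than statements about Margrave.

```python
"""
Evaluate a tiny XACML 2.0 policy two ways: with Margrave's "every MatchId is
string equality" reading, and with the MatchId functions a real PDP applies.
Constructed example: the policy, attribute names and requests are made up.
"""
import xml.etree.ElementTree as ET

NS = {"x": "urn:oasis:names:tc:xacml:2.0:policy:schema:os"}
FIRST_APPLICABLE = "urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable"
STRING_EQUAL = "urn:oasis:names:tc:xacml:1.0:function:string-equal"
INT_LT = "urn:oasis:names:tc:xacml:1.0:function:integer-less-than"

# Constructed policy. Rule "numeric" says "10 < employee-id" (XACML applies
# MatchId(AttributeValue, request value), so less-than with literal 10 means
# "id greater than 10"). Rule "flag" uses the boolean-attribute workaround the
# page describes. Rule "fallback" denies everything else.
POLICY_XML = f"""
<Policy xmlns="{NS['x']}" PolicyId="demo" RuleCombiningAlgId="{FIRST_APPLICABLE}">
  <Target/>
  <Rule RuleId="numeric" Effect="Permit">
    <Target><Subjects><Subject>
      <SubjectMatch MatchId="{INT_LT}">
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#integer">10</AttributeValue>
        <SubjectAttributeDesignator AttributeId="employee-id"
            DataType="http://www.w3.org/2001/XMLSchema#integer"/>
      </SubjectMatch>
    </Subject></Subjects></Target>
  </Rule>
  <Rule RuleId="flag" Effect="Permit">
    <Target><Subjects><Subject>
      <SubjectMatch MatchId="{STRING_EQUAL}">
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">true</AttributeValue>
        <SubjectAttributeDesignator AttributeId="has-id-greater-than-10"
            DataType="http://www.w3.org/2001/XMLSchema#string"/>
      </SubjectMatch>
    </Subject></Subjects></Target>
  </Rule>
  <Rule RuleId="fallback" Effect="Deny"/>
</Policy>
"""

# What a deployed PDP computes for each MatchId (literal first, request value second).
PDP_FUNCS = {
    STRING_EQUAL: lambda lit, val: lit == val,
    INT_LT: lambda lit, val: int(lit) < int(val),
}

# Constructed requests: {category: {attribute-id: set of string values}}.
REQUESTS = [
    {"subject": {"employee-id": {"15"}}},
    {"subject": {"employee-id": {"10"}}},
    {"subject": {"employee-id": {"15"}, "has-id-greater-than-10": {"true"}}},
]


def _match(match_el, request, funcs):
    """One <SubjectMatch>/<ResourceMatch>/<ActionMatch>: true if the MatchId
    function holds for the literal and any request value of that attribute.
    Unknown MatchIds fall back to string equality, which is Margrave's reading."""
    kind = match_el.tag.rsplit("}", 1)[-1][:-len("Match")].lower()  # "subject", ...
    literal = match_el.find("x:AttributeValue", NS).text.strip()
    designator = next(c for c in match_el if c.tag.endswith("AttributeDesignator"))
    values = request.get(kind, {}).get(designator.get("AttributeId"), ())
    fn = funcs.get(match_el.get("MatchId"), lambda lit, val: lit == val)
    return any(fn(literal, v) for v in values)  # missing attribute: no match (assumption)


def _target_matches(target_el, request, funcs):
    """Empty or absent <Target> matches everything. Each section (Subjects,
    Resources, Actions) is a disjunction of alternatives, each alternative a
    conjunction of *Match elements."""
    if target_el is None or len(target_el) == 0:
        return True
    for section in target_el:
        if not any(all(_match(m, request, funcs) for m in alt) for alt in section):
            return False
    return True


def decide(policy_xml, request, funcs):
    """first-applicable: the effect of the first rule whose target matches."""
    root = ET.fromstring(policy_xml)
    assert root.get("RuleCombiningAlgId") == FIRST_APPLICABLE, "only first-applicable modelled"
    if not _target_matches(root.find("x:Target", NS), request, funcs):
        return "NotApplicable"
    for rule in root.findall("x:Rule", NS):
        if _target_matches(rule.find("x:Target", NS), request, funcs):
            return rule.get("Effect")
    return "NotApplicable"


def margrave_decision(request):
    """Every MatchId treated as string equality, DataType ignored."""
    return decide(POLICY_XML, request, {})


def pdp_decision(request):
    """MatchId functions applied as the XACML spec defines them."""
    return decide(POLICY_XML, request, PDP_FUNCS)


def divergences(requests):
    """Requests on which the analysis model and the deployed PDP disagree."""
    return [r for r in requests if margrave_decision(r) != pdp_decision(r)]


if __name__ == "__main__":
    for r in REQUESTS:
        print(r["subject"], "margrave:", margrave_decision(r), "pdp:", pdp_decision(r))
    print("divergent requests:", len(divergences(REQUESTS)))
```

The first two requests are the ones to look at: under Margrave's reading the literal "10" only ever matches an employee-id of exactly "10", so a request with id 15 reaches the deny fallback while the PDP permits it, and a request with id 10 is permitted by the analysis model while the PDP denies it. Only the third request, written with the has-id-greater-than-10 attribute, gives the same answer both ways, which is why a policy that uses numeric MatchIds has to be rewritten in that boolean-attribute style before Margrave's verdicts can be taken as statements about the deployed policy.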

The same restriction to testing for string equality holds for the functions applied in a <Condition> element. Furthermore, the only logical functions implemented are:

In addition to not handling the DataType, Margrave also does not handle the Issuer or MustBePresent attributes of the AttributeDesignator elements, nor the SubjectCategory attribute found only in the <SubjectAttributeDesignator> element. Thus, Margrave cannot handle requests with multiple subjects or resources as documented in section 6.1 of the XACML specification.

Nor does Margrave implement the following elements:

Since all the above restrictions rule out all the sources for the decision Indeterminate, Margrave has no notion of an Indeterminate decision.

Since Margrave only deals with the decision of an XACML policy, it does not deal with Obligations.

Margrave also does not deal with hierarchical data as discussed in section 7.12 of the XACML specification.

Margrave offers limited support for the policy reference element.