• DocumentCode
    3607630
  • Title
    Measurement and Prediction of Access Control Policy Evaluation Performance
  • Author
    Butler, Bernard ; Jennings, Brendan
  • Author_Institution
    Telecommun. Software & Syst. Group (TSSG), Waterford Inst. of Technol. (WIT), Waterford, Ireland
  • Volume
    12
  • Issue
    4
  • fYear
    2015
  • Firstpage
    526
  • Lastpage
    539
  • Abstract
    As the need for more pervasive and more complex access controls grows, the challenge of ensuring the performance of access control systems is becoming apparent. Researchers have proposed several solutions to mitigate performance problems, including: adjusting the policy set; re-engineering the policy decision point (PDP); and decomposing the policies and distributing their evaluation. However, since the benefits and tradeoffs depend heavily upon the actual scenario, security administrators typically do not have objective justification for adopting particular mitigation actions. In response, we present the ATLAS framework, comprising: 1) DomainManager, which facilitates modelling the domain as closely as possible and automatically generates large numbers of representative policies and associated requests; 2) STACS, which enables controlled experiments to be performed using the generated policies/requests, to collect comprehensive measurements of PDP performance; and 3) PARPACS, which aids in understanding and assessing the worth of the measurement data and, by using rigorous validation techniques, reduces the risk of spurious insights or incorrect recommendations. We present a discussion of ATLAS as applied to an enterprise communication scenario, where access control is realised via XACML PDPs. Notable insights include that the SunXacml 2.0 PDP performs relatively poorly in terms of policy evaluation performance and that adding additional memory and/or processor cores to a XACML PDP server is not guaranteed to improve performance significantly.
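    The abstract describes an experiment loop (model the domain, generate representative policies and requests, take repeated measurements of PDP evaluation performance, summarise them carefully enough that noise is not mistaken for an effect). The following is an added illustration of that loop and is not code from the paper or from the ATLAS/DomainManager/STACS/PARPACS tooling. It uses a toy first-applicable rule evaluator as a stand-in PDP (not XACML), and the enterprise-communication domain model, attribute names and sizes are constructed assumptions.

```python
"""Toy micro-benchmark of access control policy evaluation.

Illustrative stand-in for the measure-and-summarise loop described in the
abstract: model a domain, generate policies and requests from it, time a
PDP over repeated trials, and report a robust summary. The PDP below is a
minimal first-applicable rule evaluator, NOT XACML and NOT the paper's tooling.
"""
from __future__ import annotations

import random
import statistics
import time
from dataclasses import dataclass

# Constructed enterprise-communication domain (assumption, illustrative only).
DOMAIN = {
    "role": ["agent", "supervisor", "manager", "auditor"],
    "action": ["read", "write", "call", "transfer"],
    "resource": [f"queue-{i}" for i in range(20)],
    "hour": list(range(24)),
}


@dataclass(frozen=True)
class Rule:
    """One rule: a target (attribute -> acceptable values) and an effect."""
    target: dict
    effect: str  # "Permit" or "Deny"


def rule_matches(rule: Rule, request: dict) -> bool:
    """A rule applies when every targeted attribute has a value in its allowed set."""
    return all(request.get(attr) in allowed for attr, allowed in rule.target.items())


def evaluate(policy: list[Rule], request: dict) -> str:
    """First-applicable combining: the first matching rule decides, else NotApplicable."""
    for rule in policy:
        if rule_matches(rule, request):
            return rule.effect
    return "NotApplicable"


def generate_policy(n_rules: int, rng: random.Random, domain=DOMAIN) -> list[Rule]:
    """Draw n_rules rules whose targets constrain a random subset of domain attributes."""
    policy = []
    for _ in range(n_rules):
        attrs = rng.sample(sorted(domain), k=rng.randint(1, len(domain)))
        target = {a: frozenset(rng.sample(domain[a], k=rng.randint(1, len(domain[a]))))
                  for a in attrs}
        policy.append(Rule(target, rng.choice(["Permit", "Deny"])))
    return policy


def generate_requests(n: int, rng: random.Random, domain=DOMAIN) -> list[dict]:
    """Draw n requests, one value per attribute, uniformly from the domain."""
    return [{a: rng.choice(vals) for a, vals in domain.items()} for _ in range(n)]


def benchmark(policy: list[Rule], requests: list[dict], trials: int = 5) -> dict:
    """Evaluate every request once per trial; summarise per-trial throughput.

    Repeated trials with a median and interquartile range (not a single mean)
    are the minimum needed before comparing two PDP configurations.
    """
    throughput = []
    decisions = []
    for _ in range(trials):
        start = time.perf_counter()
        decisions = [evaluate(policy, r) for r in requests]
        elapsed = max(time.perf_counter() - start, 1e-9)  # guard against zero on coarse clocks
        throughput.append(len(requests) / elapsed)
    q = statistics.quantiles(throughput, n=4) if trials >= 2 else [throughput[0]] * 3
    return {
        "trials": trials,
        "requests": len(requests),
        "rules": len(policy),
        "median_rps": statistics.median(throughput),
        "iqr_rps": q[2] - q[0],
        "decision_mix": {d: decisions.count(d) for d in sorted(set(decisions))},
    }


def run_experiment(seed: int, n_requests: int, rule_counts: tuple, trials: int = 5) -> list[dict]:
    """Seeded run over increasing policy sizes, so results are reproducible."""
    rng = random.Random(seed)
    requests = generate_requests(n_requests, rng)
    return [benchmark(generate_policy(n, rng), requests, trials) for n in rule_counts]


if __name__ == "__main__":
    for result in run_experiment(seed=2015, n_requests=2000, rule_counts=(10, 100, 1000)):
        print(result)
```

Run it on a few policy sizes to see evaluation cost grow with rule count; the interquartile range is the check that a difference between two configurations (say, a server with more cores) is larger than run-to-run noise before acting on it.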
  • Keywords
    authorisation; ATLAS framework; DomainManager; PARPACS; PDP performance; STACS; SunXacml 2.0 PDP; XACML PDP server; XACML PDPs; access control policy evaluation performance; complex access control; enterprise communication scenario; pervasive access control; policy decision point; Access control; Communication system operations and management; Computer security; Data models; Performance evaluation; Semantics; Writing; XML; Domain Modelling; Performance Management; Policy-based Management; Security Management; Service Management; XACML
  • fLanguage
    English
  • Journal_Title
    Network and Service Management, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    1932-4537
• Type
    jour
  • DOI
    10.1109/TNSM.2015.2486519
  • Filename
    7289468