12/05/2006: "Datalog and SecPAL"

We have started some experimental work with my Ph.D. colleague on translating access control rules to Datalog. This is our initial attept to create our own interoperable logic based access control PDP (Policy Desicion Point) . We are currently only translating SecPAL (building on the experiences we gained translating XACML to VDM) and further down the road we will discuss possibilities of translating XACML into Datalog too. I plan to feed this work into the existing GOLD security framework for expressing in natural language, validating, and logically representing access control policies. There is a good chance of visiting MS in Redmond at the beginning of next month which will give me a better chance to elaborate on our work here at NCL.

Note to self: I need to socialise more with formalists!