摘要 |
A method and system for enabling non-programmers to create certifiable Extensible Access Control Markup Language (XACML) policies. The graphical user interface (GUI) presents a form to the security policy author using a natural language such as English, as specified by a context-free grammar. The compiler software translates the GUI's filled-in form-representing a human-readable natural language policy-into XACML code. A reverse compiler or de-compiler provides a certification of the XACML code to render the original policy in a natural language format such as English. Optionally, a tokenized intermediate form, a set of policy-specific data sets and a graph theory-based intermediate representation can be configured. Logic checks and code validation checks can be also preferably configured. Apparatus and medium claims are also provided.
|