Fong, Philip Wai LeungBalasubramaniam, Jayalakshmi2013-01-252013-06-152013-01-252013http://hdl.handle.net/11023/468The access control systems in dynamic environments contain composite access control policies, that combine decisions from multiple component policies using policy combining algorithms. In such dynamic environments, analysis of policies is a challenge. In this thesis, I propose a white-box policy analysis Decision in Context (DIC), that would analyse component policies situated inside a composite policy. For generality, the DIC query is defined in an XACML-style policy composition framework. The DIC query is implemented via a reduction to either propositional satisfiability or pseudo boolean satisfiability instances, after which standard solvers can be invoked to complete the evaluation. Empirical analyses have been conducted to compare the relative efficiency of the SAT and PBS encodings. The latter is found to be the more effective encoding, in reducing DIC queries containing majority voting policy combining algorithms.engUniversity of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission.Computer SciencePolicy analysisWhite-box testingChange impact analysisBreak-glass reductionDead policyPolicy pruningPolicy compositionXACMLPropositional satisfiabilityPseudo boolean satisfiabilityA Novel Approach to White-Box Policy Analysismaster thesis10.11575/PRISM/24928