The Unified Policy Framework (UPF)


Title: The Unified Policy Framework (UPF)
Authors: Achim D. Brucker (brucker /at/ spamfence /dot/ net), Lukas Brügger and Burkhart Wolff ( wolff /at/ lri /dot/ fr)
Submission date: 2014-11-28
Abstract: We present the Unified Policy Framework (UPF), a generic framework for modelling security (access-control) policies. UPF emphasizes the view that a policy is a policy decision function that grants or denies access to resources, permissions, etc. In other words, instead of modelling the relations of permitted or prohibited requests directly, we model the concrete function that implements the policy decision point in a system. In more detail, UPF is based on the following four principles: 1) Functional representation of policies, 2) No conflicts are possible, 3) Three-valued decision type (allow, deny, undefined), 4) Output type not containing the decision only.
  author  = {Achim D. Brucker and Lukas Brügger and Burkhart Wolff},
  title   = {The Unified Policy Framework (UPF)},
  journal = {Archive of Formal Proofs},
  month   = nov,
  year    = 2014,
  note    = {\url{},
            Formal proof development},
  ISSN    = {2150-914x},
License: BSD License
Used by: UPF_Firewall
Status: [ok] This is a development version of this entry. It might change over time and is not stable. Please refer to release versions for citations.