One of the most challenging problems in managing large, distributed, and heterogeneous networked systems is specifying and enforcing access control security policies regulating interactions between parties and access to services and resources. Recent proposals for specifying and exchanging access control policies adopt different types of access control languages.
In this chapter, we review three different types of access control languages.
We start the chapter with an overview of the basic concepts on which access control systems are based. We then illustrate logic-based, XML-based, and credential-based access control languages. We conclude the chapter discussing how policies expressed by using different languages and coming from different systems can be combined.