The Axiomatics Policy Auditor (APA) with Prover Plug-In1 delivers a platform for auditors and IT administrators to analyze and audit eXtensible Access Control Markup Language (XACML) policies within an organization. Designed with business users in mind, the APA simplifies the task of auditing security policies by allowing its users to:
- Verify compliance of XACML policies.
- Examine access control policies and easily predict their behavior.
- Explain any unexpected policy behavior or violations of an organization’s best practices.
- Run tests of newly created access control policies.
- Verify the enforcement of high-level constraints (such as segregation of duty) which are not explicitly expressed in low-level access control policies.