A methodology for the experimental performance evaluation of Access Control enforcement mechanisms based on business processes

Berlato, Stefano; Carbone, Roberto; Ranise, Silvio
2025-01-01

Abstract

While the security analysis of Access Control (AC) policies has received a lot of attention, the same cannot be said for their enforcement. As applications become more distributed, centralized services become a bottleneck, and legal compliance constraints grow stricter (e.g., the problem of honest but curious Cloud providers in the light of privacy regulations), the fine-tuning of AC enforcement mechanisms is likely to become more and more important. This is especially true in scenarios where the quality of service may suffer from computationally heavy security mechanisms and low latency is a prominent requirement. As a first step towards a principled approach to fine-tune AC enforcement mechanisms, this paper introduces a methodology providing the means to measure the performance of such mechanisms through the simulation of realistic scenarios. To do so, we base our methodology on Business Process Model and Notation (BPMN) workflows, which provide an appropriate abstraction of the sequences of requests (e.g., access a resource, revoke a permission) sent toward AC enforcement mechanisms, to evaluate and compare the performance of different mechanisms. We implement our methodology and use it to evaluate three AC enforcement mechanisms representative of both traditional centralized AC, i.e., the Open Policy Agent (OPA) and the eXtensible Access Control Markup Language (XACML), and decentralized AC, i.e., the CryptoAC tool.

Use this identifier to cite or link to this document: https://hdl.handle.net/11582/361527