@article {11714990120160901, title = {ANALYSIS AND VERIFICATION OF XACML POLICIES IN A MEDICAL CLOUD ENVIRONMENT.}, journal = {Scalable Computing: Practice \& Experience}, volume = {17}, number = {3}, year = {2016}, pages = {189 - 205}, abstract = {The connectivity of devices, machines and people via Cloud infrastructure can support collaborations among doctors and specialists from different medical organisations. Such collaborations may lead to data sharing and joint tasks and activities. Hence, the collaborating organisations are responsible for managing and protecting data they share. Therefore, they should define a set of access control policies regulating the exchange of data they own. However, existing Cloud services do not offer tools to analyse these policies. In this paper, we propose a Cloud Policy Verification Service (CPVS) for the analysis and the verification of access control policies specified using XACML. The analysis process detects anomalies at two policy levels: a) intra-policy: detects discrepancies between rules within a single security policy (conflicting rules and redundancies), and b) interpolicies: detects anomalies between several security policies such as inconsistency and similarity. The verification}, keywords = {Automata, Cloud computing, Completeness, Data security, Formal Verification, Information storage \& retrieval systems {\textendash} Medical care, Security Anomaly Detection, XACML Policies}, issn = {18951767}, url = {http://search.ebscohost.com/login.aspx?direct=true\&db=iih\&AN=117149901\&site=ehost-live}, author = {Ayache, Meryeme and Erradi, Mohammed and Khoumsi, Ahmed and Freisleben, Bernd} }