Graduate Project

Security policy implementation using graph database

Extensible Access Control Markup Language (XACML) is an access control policy language. Typically, an XACML policy has configurable standard extension points for defining new functions, data types, and the ways to combine them as a single unit. With this language, we can query whether a given action can be performed and interpret the result accordingly: the response answers the request with a result of "Permit" or "Deny." This project implements XACML using a graph database approach, specifically Neo4j, which stores data in a graph structure of nodes and arcs. The project consists of two components. First, the system parses XACML policies, handles conflicts, and stores the results in the Neo4j graph database. Second, once a user submits an XACML request, the system parses the XACML request file to produce a Cypher query and runs it against the graph database. The query result is then wrapped into an XACML response file and sent back to the user.
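The second component's request path (XACML request to Cypher query to XACML response) can be sketched as follows; this is an added example, not the project's code. The graph model (`Subject` and `Resource` nodes joined by a `RULE` relationship with `action` and `effect` properties), the function names, and the choice to answer "Deny" when no rule matches are all assumptions.

```python
import xml.etree.ElementTree as ET

NS = "urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
ET.register_namespace("", NS)  # serialize the response with a default namespace
# Standard XACML 3.0 category URIs mapped to Cypher parameter names.
CATEGORIES = {
    "urn:oasis:names:tc:xacml:1.0:subject-category:access-subject": "subject",
    "urn:oasis:names:tc:xacml:3.0:attribute-category:resource": "resource",
    "urn:oasis:names:tc:xacml:3.0:attribute-category:action": "action",
}
# Assumed graph model, not the project's: (:Subject)-[:RULE]->(:Resource), with
# one RULE per (subject, action, resource) since conflicts are resolved at load time.
CYPHER = ("MATCH (s:Subject {id: $subject})-[r:RULE {action: $action}]->"
          "(o:Resource {id: $resource}) RETURN r.effect AS effect")

def request_to_cypher(xml_text):
    """Return (query, parameters); request values are bound, never concatenated."""
    root = ET.fromstring(xml_text)
    params = {}
    for attrs in root.findall(f"{{{NS}}}Attributes"):
        name = CATEGORIES.get(attrs.get("Category"))
        value = attrs.find(f"{{{NS}}}Attribute/{{{NS}}}AttributeValue")
        if name and value is not None and value.text:
            params[name] = value.text.strip()
    if set(params) != set(CATEGORIES.values()):
        raise ValueError("request must carry subject, resource and action")
    return CYPHER, params

def build_response(effect):
    """Wrap a query result in an XACML <Response>; no matching rule means Deny (assumption)."""
    root = ET.Element(f"{{{NS}}}Response")
    result = ET.SubElement(root, f"{{{NS}}}Result")
    ET.SubElement(result, f"{{{NS}}}Decision").text = "Permit" if effect == "Permit" else "Deny"
    return ET.tostring(root, encoding="unicode")

# Constructed sample request; the subject id contains a quote on purpose.
_ROW = ('<Attributes Category="%s"><Attribute AttributeId="%s" IncludeInResult="false">'
        '<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">%s</AttributeValue>'
        '</Attribute></Attributes>')
SAMPLE_REQUEST = (
    f'<Request xmlns="{NS}" CombinedDecision="false" ReturnPolicyIdList="false">'
    + _ROW % (list(CATEGORIES)[0], "urn:oasis:names:tc:xacml:1.0:subject:subject-id", "o'brien")
    + _ROW % (list(CATEGORIES)[1], "urn:oasis:names:tc:xacml:1.0:resource:resource-id", "report-42")
    + _ROW % (list(CATEGORIES)[2], "urn:oasis:names:tc:xacml:1.0:action:action-id", "read")
    + "</Request>")

if __name__ == "__main__":
    print(request_to_cypher(SAMPLE_REQUEST))
    print(build_response("Permit"))
```

The returned pair is meant to be passed to a Neo4j driver call that accepts a query and a parameter map, so attribute values taken from the request file cannot alter the Cypher statement. Request files come from users, so a hardened XML parser such as defusedxml is the safer choice for the parsing step.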
