Access control in general is the ability to permit or deny the use of a particular resource by a particular entity. Access control mechanisms can be used in managing physical resources (e.g. buildings into which only people holding correct passes are to be admitted), logical resources (e.g. bank accounts), or digital resources (e.g. databases and other such information systems, or specific electronically-stored documents which only certain users should be able to read, amend, delete etc.).
Businesses will increasingly find themselves defining access control policies on a variety of information systems. The separate manual management of policies at each point is very costly in terms of human effort. The cost of such effort can lead to mistakes being made, and the temptation to implement simpler policies rather than those that are correct for the business. In addition the separate management, often by separate persons or authorities, can lead to inconsistencies that may be exploited to gain sensitive business information or gain access to critical systems.
At the technology level policies expressed in languages such as XACML express criteria about the Subject (the entity attempting to gain access) and the Resource (the system/data being accessed). XACML will be discussed later, but an explanation is provided in the article: “A Brief Introduction to XACML” available on the internet at the following address: http://www.oasis-open.org/committees/download.php/2713/Brief_Introduction_to_XACML.html
In RFID systems, much of this data is keyed against, or relates to product or shipping container identifiers, such as EPCs (Electronic Product Codes). Subjects are generally referred to by certified identities. These policies are generally stored and evaluated by Policy Decision Points (PDPs), and enforced by Policy Enforcement Points (PEPs). The larger the set of policies that are evaluated, the longer the access decision will take. Thus it is desirable to minimise the set of policies available to a Policy Decision Point. Manually controlling this dissemination, like manually creating the policies separately, is costly and error prone. Too many policies will affect performance, whereas too few policies will not result in the desired behaviour of the system (for example someone being denied access where it should have been granted).
A single policy (for example for access to information about some goods) may affect multiple resources (such as the serialised information system, or EPCIS, the serialised discovery service, the supplier handling system, the customer handling system etc.). For example, a policy that allows shipping information may grant access to an Advanced Shipping Notice on one ERP (Enterprise Resource Planning) system, along with records within an EPCIS (Electronic Product Code Information Service) for specific EPCs. Such policies should not be distributed to resources where they will not affect the behaviour (since the Subject or Resource/Action criteria used by the Policy Enforcement Point will never match the policy). Storage and evaluation of such redundant policies is wasteful and will delay access to the resource.
Methods and systems to be described relate to the automated distribution of access control policies from a central repository, for example, to access policy decision points for multiple resources that are to be protected.