Apollon: Towards a semantically extensible policy framework

Pervasive systems with ad hoc connectivity and semantic service discovery are a challenging environment when it comes to dynamically managing access rights and security settings. Most policy frameworks come with a pre-defined policy model whose expressiveness can usually not be extended and is thus not adaptable to a high-level security model as it might be predetermined by a company or a specific application. In order to overcome these limitations we designed Apollon, a policy framework featuring a modular policy model which can be extended or reduced as required by an application. In this paper, we present the software architecture of Apollon, and show by the example of a DRBAC-model how the expressiveness of Apollon can be successively extended.