From Plain English to XACML Policies: An AI-Based Pipeline Approach

Maria  Teresa Paratore; Eda Marchetti; Antonello Calabrò

doi:10.5220/0013357200003896

From Plain English to XACML Policies: An AI-Based Pipeline Approach

Maria Teresa Paratore, Eda Marchetti, Antonello Calabrò

2025

Abstract

The increasing adoption of generative artificial intelligence, particularly conversational Large Language Models (LLMs), has presented new opportunities for addressing challenges in software development. This paper explores the potential of LLMs in generating eXtensible Access Control Markup Language (XACML) policies. This paper investigates current solutions and strategies for leveraging LLMs to produce verified, secure, compliant access control policies. Specifically, by discussing current methods for enhancing LLM performances in generating structured text, it introduces a pipeline approach that integrates conversational LLMs with syntactic and semantic validators. This approach ensures correctness and reliability of the generated policies. Our proposal is showcased by using real policies and compares various LLMs’ performances (ChatGPT, Claude, Gemini, and LLaMA). Our findings suggest a promising direction for future developments in automated access control policy formulation, bridging the gap between human intent and machine interpretation.

Download

Paper Citation

in Harvard Style

Paratore M., Marchetti E. and Calabrò A. (2025). From Plain English to XACML Policies: An AI-Based Pipeline Approach. In Proceedings of the 13th International Conference on Model-Based Software and Systems Engineering - Volume 1: MODELSWARD; ISBN 978-989-758-729-0, SciTePress, pages 85-96. DOI: 10.5220/0013357200003896

in Bibtex Style

@conference{modelsward25,
author={Maria Paratore and Eda Marchetti and Antonello Calabrò},
title={From Plain English to XACML Policies: An AI-Based Pipeline Approach},
booktitle={Proceedings of the 13th International Conference on Model-Based Software and Systems Engineering - Volume 1: MODELSWARD},
year={2025},
pages={85-96},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013357200003896},
isbn={978-989-758-729-0},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 13th International Conference on Model-Based Software and Systems Engineering - Volume 1: MODELSWARD
TI - From Plain English to XACML Policies: An AI-Based Pipeline Approach
SN - 978-989-758-729-0
AU - Paratore M.
AU - Marchetti E.
AU - Calabrò A.
PY - 2025
SP - 85
EP - 96
DO - 10.5220/0013357200003896
PB - SciTePress