The Axiomatics Policy Auditor (APA) with Prover Plug-In, simplifies the analysis and validation process of XACML policies. It is designed for use by managers, controllers and auditors, and features a user-friendly web-based graphical interface and minimal use of technical jargon.

Users analyze policies and their effects by writing and submitting a wide range of queries to the Policy Auditor. The type of queries currently supported by the APA include, among others:

• Who can access a specific resource?
• Under what conditions can the user access the resource?
• What information can they access?
• Under what conditions can the information be accessed by a specific user?
• What can a specific user do to a certain resource?

Among other things users can query whether suppliers can read inventory data in the organization's portal.

The APA process

1)  Users writes question to analyze an XACML policy, in the APS policy store (PRP).
2) Once the user submits the query, the APA screens through the selected XACML policies in the policy store and makes use of any necessary additional information from the Policy Information Point (PIP) to analyze the query. 3) The query result will be shown in the APA in the form of XACML attributes that users can easily interpret.

Benefits of Axiomatics Policy Auditor

• Ensure compliance with regulatory mandates
• Assist auditors in understanding high-level consequences of policies
• Increase confidence in policy controls and accountability

Features of Axiomatics Policy Auditor

• Supports XACML
• Full integration with Axiomatics Policy Server
• Web-based application with user-friendly interface
• Compatibility with most browsers
• Iterative analysis
• Ability to save and store queries for future uses