XACML The following represent two examples of XACML 2.0 policies. Which single one of these statements is false: a) An access request from Alice Samson at 14:00 on 01 January 2018 according to the...

XACML
The following represent two examples of XACML 2.0 policies.

Which single one of these statements is false:
a) An access request from Alice Samson at 14:00 on 01 January 2018 according to the first

policy, will failComputer Security Coursework, 2020/2021 Page 11
b) Purpose of the last rule in each of the two policies is to deny any requests that are not

covered by the previous permitting rules in each of the two policies
c) If the two policies above were combined into one policy set in the order they appear with a

policy-combining algorithm “first-applicable”, then the outcome of the request by Alice

Samson be at 14:00 on 01 January 2018 to access the “server.acme.co.uk/docsserver” would

be accepted when evaluated against the new policy set
d) Adding to the AND of the condition a third part with a “anyURI-equal” function applied to an

attribute “machine.alice.come” will strengthen the condition by also requiring that Alice’s

request arrives from a particular URI address equal to machine.alice.com
e) If the effects of rules “Example 2 Rule 1” and “Example 2 Rule 2” in the second policy were

changed to “Deny” and the effect of rule “Example 2 Rule 3” was changed to “Permit”, then

the outcome of the request from Alice Samson at 14:00 on 01 December 2017 would be
permitted
f) An access request from Alice Samson at 14:00 on 01 January 2018 according to the second
policy, will succeed
Explain your answer below