
arxiv: 2604.12850 · v1 · submitted 2026-04-14 · 💻 cs.CR

EXTree: Towards Supporting Explainability in Attribute-based Access Control

Pith reviewed 2026-05-10 16:02 UTC · model grok-4.3

classification 💻 cs.CR
keywords explainability, attribute-based access control, ABAC, decision trees, access control policies, feedback strategies, policy representation

The pith

ABAC policies can be turned into trees that evaluate access requests quickly while also generating clear explanations for denials.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces EXTree to represent attribute-based access control policies as trees that support both fast evaluation and human-readable feedback. It examines two main dimensions: strategies for building the trees to balance efficiency and clarity, and methods for crafting explanations when access is denied. Experiments compare entropy-based, changeability-based, and random tree constructions across different setups. The approach aims to make opaque authorization decisions more transparent without losing the ability to process requests rapidly.

Core claim

EXTree represents an ABAC policy as a tree optimized for both fast evaluation and human-centric feedback. Two families of strategies act on that tree: feedback evaluation strategies craft actionable explanations when a request is denied, and tree construction strategies structure the policy so that decisions are efficient yet interpretable.

What carries the argument

The tree-based representation of ABAC policies itself: feedback evaluation strategies walk it to produce explanations, and tree construction strategies organize its attribute tests for efficiency and interpretability.

If this is right

  • Authorization systems using EXTree evaluate an access request as a single root-to-leaf walk over attribute tests, which is what makes evaluation faster than matching the request against every rule in turn.
  • Denied requests receive specific feedback based on the chosen evaluation strategy, making decisions less opaque.
  • Entropy-based or changeability-based tree constructions yield different trade-offs in speed and explanation quality compared to random trees.
  • Complex policy logic becomes more accessible to users through the generated explanations.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The tree approach might extend to other policy-based systems where both speed and user feedback matter.
  • Practical adoption would likely need testing in live environments to confirm the explanations match real user needs.
  • Combining these trees with existing ABAC implementations could reduce confusion around access denials in digital governance settings.

Load-bearing premise

That ABAC policies can be losslessly represented as trees and that the construction and feedback strategies produce explanations that are accurate and useful in practice.

What would settle it

A case where a policy cannot be fully encoded as a tree without losing meaning, or where users find the generated explanations inaccurate or unhelpful when tested against actual denied requests.
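The block below is an added worked example, not code from the paper: EXTree's own construction and feedback strategies are not reproduced here. It builds a small policy tree over a constructed ABAC policy, walks the tree to return a decision together with its evaluation trace, searches for the smallest change to a requester's changeable attributes that would turn a denial into an allow, and runs the exhaustive decision-agreement check that the load-bearing premise above calls for. The attribute names follow the Figure 3 caption, but the attribute domains, the rules, the CHANGEABLE set, and the "changeability" ordering heuristic (test fixed attributes first so the changeable ones sit near the leaves) are assumptions made for this example.

```python
"""Toy EXTree-style policy tree for ABAC: construction, traced evaluation,
denial feedback, and an exhaustive decision-agreement (fidelity) check.
Added example; the policy, attribute domains and changeability flags below are
constructed for illustration and are not taken from the paper."""
from itertools import combinations, product
from math import log2

# Constructed attribute domains (hypothetical), using the attribute names that
# appear in the paper's Figure 3 caption.
DOMAINS = {
    "role": ("intern", "employee", "manager"),
    "department": ("General", "Finance"),
    "clearance": ("low", "high"),
    "training_over": ("no", "yes"),
}
# Attributes a denied requester could plausibly act on (assumption).
CHANGEABLE = {"clearance", "training_over"}

# Constructed policy: allow if any rule matches all of its attribute tests.
RULES = [
    {"role": "manager", "training_over": "yes"},
    {"role": "employee", "clearance": "high", "training_over": "yes"},
    {"department": "Finance", "clearance": "high"},
]


def policy_decision(req):
    """Ground truth: evaluate the rule set directly (True = allow)."""
    return any(all(req[a] == v for a, v in rule.items()) for rule in RULES)


def all_requests():
    """Every attribute combination; the tree is built over this labelled space."""
    return [dict(zip(DOMAINS, vals)) for vals in product(*DOMAINS.values())]


def entropy(reqs):
    if not reqs:
        return 0.0
    p = sum(policy_decision(r) for r in reqs) / len(reqs)
    return 0.0 if p in (0.0, 1.0) else -(p * log2(p) + (1 - p) * log2(1 - p))


def split_gain(reqs, attr):
    """Information gain of testing `attr` at this node."""
    rest = entropy(reqs)
    for v in DOMAINS[attr]:
        sub = [r for r in reqs if r[attr] == v]
        rest -= len(sub) / len(reqs) * entropy(sub)
    return rest


def build(strategy, reqs=None, remaining=tuple(DOMAINS)):
    """Return a tree: a leaf is a bool decision, an internal node is
    (attribute, {value: subtree}). 'entropy' picks the highest-gain attribute;
    'changeability' (one reading of the paper's idea, an assumption here) tests
    fixed attributes first so the changeable ones sit close to the leaves."""
    reqs = all_requests() if reqs is None else reqs
    decisions = {policy_decision(r) for r in reqs}
    if len(decisions) == 1:
        return decisions.pop()
    if strategy == "entropy":
        attr = max(remaining, key=lambda a: split_gain(reqs, a))
    else:
        attr = max(remaining, key=lambda a: (a not in CHANGEABLE, split_gain(reqs, a)))
    rest = tuple(a for a in remaining if a != attr)
    return attr, {v: build(strategy, [r for r in reqs if r[attr] == v], rest)
                  for v in DOMAINS[attr]}


def evaluate(tree, req):
    """Walk the tree; return (decision, trace of (attribute, value) tests)."""
    trace = []
    while isinstance(tree, tuple):
        attr, children = tree
        trace.append((attr, req[attr]))
        tree = children[req[attr]]
    return tree, trace


def feedback(tree, req):
    """Changeability-based feedback: the smallest change to CHANGEABLE attributes
    that flips the decision to allow. Returns (changes or None, nodes visited);
    the node count is the search cost that the construction strategy affects."""
    visited = 0
    attrs = sorted(CHANGEABLE)
    for k in range(1, len(attrs) + 1):
        for subset in combinations(attrs, k):
            options = [[v for v in DOMAINS[a] if v != req[a]] for a in subset]
            for vals in product(*options):
                change = dict(zip(subset, vals))
                allowed, trace = evaluate(tree, {**req, **change})
                visited += len(trace)
                if allowed:
                    return change, visited
    return None, visited


def explain(tree, req):
    """Human-readable denial message built from the trace and the feedback."""
    allowed, trace = evaluate(tree, req)
    if allowed:
        return "allowed"
    path = ", ".join(f"{a} = {v}" for a, v in trace)
    change, _ = feedback(tree, req)
    if change is None:
        return f"denied after testing {path}; no change to {', '.join(sorted(CHANGEABLE))} would grant access"
    fix = ", ".join(f"{a} = {v}" for a, v in change.items())
    return f"denied after testing {path}; access would be granted with {fix}"


def fidelity(tree):
    """Share of the request space on which the tree agrees with the rule set."""
    reqs = all_requests()
    return sum(evaluate(tree, r)[0] == policy_decision(r) for r in reqs) / len(reqs)


if __name__ == "__main__":
    denied = {"role": "intern", "department": "General", "clearance": "low", "training_over": "no"}
    for strategy in ("entropy", "changeability"):
        tree = build(strategy)
        print(strategy, "fidelity:", fidelity(tree), "|", explain(tree, denied))
```

The Figure 3 request (intern, General, low, no) is the interesting case: no change to clearance or training would help, so an honest explanation has to say so rather than suggest a dead end. The fidelity check is exhaustive only because this space has 24 requests; for a real policy with large attribute domains it would have to be sampled or done symbolically, and agreement of decisions still says nothing about whether a person finds the generated message useful, which is the gap the editorial analysis below flags.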

Figures

Figures reproduced from arXiv: 2604.12850 by Shanampudi Pranaya Chowdary (Indian Institute of Technology Kharagpur, India) and Shamik Sural (Indian Institute of Technology Kharagpur, India).

Figure 1. Hierarchical representation of the example ABAC policy introduced in Section 2.1. Internal nodes correspond to attribute tests and leaf nodes represent allow decisions. The highlighted (bold) path illustrates the evaluation trace for the denied request, and the deny node is marked in red.

Figure 2. Visualization of feedback search strategies on the example EXTree. The denied request (role = manager, ...

Figure 3. Comparison of EXTree construction strategies using the policy introduced in Section 2.1 and the denied request (role = intern, department = General, clearance = low, training over = no). Although both trees have identical depth, their construction significantly affects the amount of search required to generate actionable feedback.

Figure 4. Cumulative feedback cost heatmaps grouped by tree construction strategy. Within each block, the four ...

Figure 5. Effect of visibility constraints.
Original abstract

With increasing emphasis on transparency in digital governance, users expect more than silence when their access requests are denied by a system. However, authorization methods are notorious for their inability to provide any form of meaningful feedback under such situations. This paper shows a direction towards how the problem of explainability can be mitigated in the context of Attribute-based Access Control (ABAC), arguably the most researched topic in access control in recent years. We introduce EXTree, which represents ABAC policies optimized for both fast evaluation (Efficiency) and human-centric feedback (Explainability) in the form of a tree. Two strategic dimensions are investigated, namely, Feedback Evaluation Strategies - how to craft actionable explanations when access is denied, and Tree Construction Strategies - how the policy trees should be structured for efficient yet interpretable decisions. Through extensive experiments, we compare entropy-based, changeability-based, and randomly generated trees across multiple configurations. Our results demonstrate that EXTree, built for efficiency and interpretability, can bridge the gap between complex authorization logic and human understanding.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 0 minor

Summary. The paper introduces EXTree, a tree-based representation of ABAC policies optimized for both fast evaluation and human-centric feedback when access is denied. It examines two dimensions—Feedback Evaluation Strategies for crafting explanations and Tree Construction Strategies (entropy-based, changeability-based, and random)—and reports experiments comparing these approaches across configurations, claiming that EXTree bridges complex authorization logic with human understanding.

Significance. If the central claims were supported by appropriate evidence, the work could contribute to transparency in access control by offering an interpretable policy structure. However, the current manuscript provides no validation that the generated explanations are accurate, faithful to the original policy semantics, or useful to humans, limiting its potential impact to efficiency considerations alone.

major comments (2)
  1. [Abstract] The central claim that 'EXTree... can bridge the gap between complex authorization logic and human understanding' is unsupported. The described experiments compare tree constructions only on efficiency and structural metrics; no fidelity checks (whether tree decisions match original ABAC policy semantics), no human-subject measures (comprehension, usefulness, decision accuracy), and no details on datasets, baselines, or statistical significance are provided.
  2. [Abstract / Experiments] The weakest assumption—that ABAC policies can be losslessly represented as trees while the chosen construction and feedback strategies produce explanations that are both accurate and useful in practice—is not tested. Without explicit fidelity or usability evaluation, the explainability benefit is asserted from the construction method rather than demonstrated.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the detailed and constructive feedback. We address the major comments point by point below, acknowledging where the manuscript's claims require tempering and proposing specific revisions to improve clarity and evidence.

Point-by-point responses
  1. Referee: [Abstract] The central claim that 'EXTree... can bridge the gap between complex authorization logic and human understanding' is unsupported. The described experiments compare tree constructions only on efficiency and structural metrics; no fidelity checks (whether tree decisions match original ABAC policy semantics), no human-subject measures (comprehension, usefulness, decision accuracy), and no details on datasets, baselines, or statistical significance are provided.

    Authors: We agree that the abstract overstates the explainability benefits without direct empirical support from human-subject studies or explicit fidelity verification. The experiments focus on efficiency and structural comparisons among construction strategies, with explainability positioned as an inherent property of the tree representation and feedback strategies. We will revise the abstract to remove the unsupported bridging claim, limit it to demonstrated efficiency results, and add details on datasets, baselines, and statistical tests in the experiments section. A new limitations subsection will note the absence of usability validation. revision: yes

  2. Referee: [Abstract / Experiments] The weakest assumption—that ABAC policies can be losslessly represented as trees while the chosen construction and feedback strategies produce explanations that are both accurate and useful in practice—is not tested. Without explicit fidelity or usability evaluation, the explainability benefit is asserted from the construction method rather than demonstrated.

    Authors: The tree construction strategies are derived directly from the original ABAC policy attributes and rules, which by design preserves decision semantics for equivalent requests; however, we did not include explicit fidelity experiments comparing tree outputs against the source policy across test cases. We will add such verification (e.g., decision agreement rates on synthetic and real request sets) to the experiments. Usability remains untested and will be explicitly listed as future work rather than asserted. revision: yes

Circularity Check

0 steps flagged

No significant circularity in derivation chain

Full rationale

The paper proposes EXTree as a tree representation for ABAC policies and compares entropy-based, changeability-based, and random construction strategies via experiments on efficiency and structural metrics. No equations, derivations, fitted parameters, or self-citations appear in the provided text. The central claim that EXTree bridges to human understanding rests on design assumptions and experimental comparisons rather than any reduction of outputs to inputs by construction, self-definition, or imported uniqueness theorems. This is a standard non-circular empirical proposal with no load-bearing steps matching the enumerated patterns.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axiom · 1 invented entity

The central claim rests on the unproven premise that decision trees can faithfully encode ABAC policies while supporting meaningful explanations; no free parameters or additional axioms are stated in the abstract.

axioms (1)
  • domain assumption ABAC policies can be represented as decision trees without loss of semantics or correctness.
    The entire EXTree proposal depends on this representation being valid and useful.
invented entities (1)
  • EXTree no independent evidence
    purpose: A tree structure for ABAC policies that jointly optimizes evaluation speed and human interpretability.
    Newly introduced artifact with no independent evidence of correctness or superiority provided.

pith-pipeline@v0.9.0 · 5496 in / 1274 out tokens · 73438 ms · 2026-05-10T16:02:21.097822+00:00 · methodology


Reference graph

Works this paper leans on

23 extracted references · 23 canonical work pages

  1. [1] ABAC-Lab-Admin. ABAC-Lab: repository of ABAC policy datasets (University, Workforce, Healthcare, ...). https://github.com/ABAC-Lab-Admin/ABAC-Lab, 2025. The Datasets folder includes the Healthcare dataset used in ABAC research.

  2. [2] Thang Bui et al. “ABAC Lab: An Interactive Platform for Attribute-based Access Control Policy Analysis, Tools, and Datasets [Dataset/Tool Paper]”. In: 30th ACM Symposium on Access Control Models and Technologies. USA, 2025, pp. 111–116. DOI: 10.1145/3734436.3734441

  3. [3] Bernard Butler et al. “XACML policy performance evaluation using a flexible load testing framework”. In: Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS ’10). Chicago, Illinois, USA: ACM, 2010, pp. 648–650. DOI: 10.1145/1866307.1866385

  4. [4] K. Fisler et al. “Verification and change-impact analysis of access-control policies”. In: 27th International Conference on Software Engineering. 2005, pp. 196–205. DOI: 10.1109/ICSE.2005.1553562

  5. [5] Sunil Kumar Ghai et al. “Cue: a framework for generating meaningful feedback in XACML”. In: 3rd ACM Workshop on Assurable and Usable Security Configuration. ACM, 2010, pp. 9–16. DOI: 10.1145/1866898.1866901

  6. [6] Gelareh Hasel Mehri et al. “Towards Explainable Access Control [BlueSky Paper]”. In: 2025 ACM Symposium on Access Control Models and Technologies. July 2025, pp. 117–126. DOI: 10.1145/3734436.3734439

  7. [7] Vincent C. Hu et al. “Guide to attribute based access control (ABAC) definition and considerations”. NIST Special Publication 800-162 (2014)

  8. [8] Apu Kapadia et al. “Know Why Your Access Was Denied: Regulating Feedback for Usable Security”. In: 11th ACM Conference on Computer and Communications Security. 2004, pp. 52–61. DOI: 10.1145/1030083.1030092

  9. [9] Tim Miller. “Explanation in artificial intelligence: Insights from the social sciences”. In: Artificial Intelligence 267 (2019), pp. 1–38. DOI: 10.1016/j.artint.2018.07.007

  10. [10] Vincent Zibi Mohale and Ibidun Christiana Obagbuwa. “A systematic review on the integration of explainable artificial intelligence in intrusion detection systems to enhancing transparency and interpretability in cybersecurity”. In: Frontiers in Artificial Intelligence, Volume 8 (2025). DOI: 10.3389/frai.2025.1526221

  11. [11] Ronit Nath et al. “PolTree: A Data Structure for Making Efficient Access Decisions in ABAC”. In: ACM Symposium on Access Control Models and Technologies. 2019, pp. 25–35. DOI: 10.1145/3322431.3325102

  12. [12] Subash Neupane et al. Explainable Intrusion Detection Systems (X-IDS): A Survey of Current Methods, Challenges, and Opportunities. 2022. arXiv: 2207.06236 [cs.CR]. URL: https://arxiv.org/abs/2207.06236

  13. [13] Proteet Paul and Shamik Sural. “Towards Efficient Evaluation of ABAC Policies using High-Dimensional Indexing Techniques”. In: Third IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications. 2021, pp. 243–251. DOI: 10.1109/TPSISA52974.2021.00027

  14. [14] Srinivas Potluri. “Policy-Aware Secure Data Governance in Distributed Information Systems Using Explainable AI Models”. In: International Journal of AI, BigData, Computational and Management Studies 6.3 (July 2025), pp. 1–10. DOI: 10.63282/3050-9416.IJAIBDCMS-V6I3P101

  15. [15] Mohsen Rezvani et al. “Analyzing XACML policies using answer set programming”. In: International Journal of Information Security 18 (Aug. 2019), pp. 465–479. DOI: 10.1007/s10207-018-0421-5

  16. [16] Erik Rissanen. eXtensible Access Control Markup Language (XACML) Version 3.0. Tech. rep. 2013. URL: https://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html

  17. [17] Lucía Cabanillas Rodríguez et al. “DEBAC: Dynamic Explainable Behavior-Based Access Control”. In: 2025 Joint European Conference on Networks and Communications & 6G Summit. 2025, pp. 733–738. DOI: 10.1109/EuCNC/6GSummit63408.2025.11037037

  18. [18] Ravi S. Sandhu and Pierangela Samarati. “Access control: principle and practice”. In: IEEE Communications Magazine 32.9 (1994), pp. 40–48. DOI: 10.1109/35.312842

  19. [19] Ravi S. Sandhu et al. “Role-based access control models”. In: IEEE Computer 29.2 (1996), pp. 38–47

  20. [20] Anshika Sharma et al. “A comprehensive review of explainable AI in cybersecurity: Decoding the black box”. In: ICT Express 11.6 (2025), pp. 1200–1219. DOI: 10.1016/j.icte.2025.10.004

  21. [21] Luca Viganò and Daniele Magazzeni. “Explainable Security”. In: IEEE European Symposium on Security and Privacy Workshops. 2020, pp. 293–300. DOI: 10.1109/EuroSPW51379.2020.00045

  22. [22] E. Yuan and J. Tong. “Attributed based access control (ABAC) for Web services”. In: IEEE International Conference on Web Services. 2005, p. 569. DOI: 10.1109/ICWS.2005.25

  23. [23] Sharif Noor Zisad and Ragib Hasan. “LLMAC: A Global and Explainable Access Control Framework with Large Language Model”. In: IEEE 23rd Consumer Communications & Networking Conference. IEEE, Jan. 2026, pp. 1–6. DOI: 10.1109/ccnc65079.2026.11366514