EXTree: Towards Supporting Explainability in Attribute-based Access Control
Abstract
With increasing emphasis on transparency in digital governance, users expect more than silence when their access requests are denied by a system. However, authorization methods are notorious for their inability to provide any form of meaningful feedback under such situations. This paper shows a direction towards how the problem of explainability can be mitigated in the context of Attribute-based Access Control (ABAC), arguably the most researched topic in access control in recent years. We introduce EXTree, which represents ABAC policies optimized for both fast evaluation (Efficiency) and human-centric feedback (Explainability) in the form of a tree. Two strategic dimensions are investigated, namely, Feedback Evaluation Strategies - how to craft actionable explanations when access is denied, and Tree Construction Strategies - how the policy trees should be structured for efficient yet interpretable decisions. Through extensive experiments, we compare entropy-based, changeability-based, and randomly generated trees across multiple configurations. Our results demonstrate that EXTree, built for efficiency and interpretability, can bridge the gap between complex authorization logic and human understanding.
Keywords
Cite
@article{arxiv.2604.12850,
title = {EXTree: Towards Supporting Explainability in Attribute-based Access Control},
author = {Shanampudi Pranaya Chowdary and Shamik Sural},
journal= {arXiv preprint arXiv:2604.12850},
year = {2026}
}