A Propositional Logic for Access Control Policy in Distributed Systems

Kurkowski, Mirosław; Pejaś, Jerzy

doi:10.1007/978-1-4419-9226-0_18

Cited by 3 publications

(6 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the paper we show that proposal of logic language for certificate -based access control, specified in the work of Kurkowski, et al [KUP02] , can be rather simply implemented in the high-level policy languages . Two approaches can be applied : either implementing the language from the beginning or using some existing language .…”

Section: Discussionmentioning

confidence: 95%

“…The implementation of a logic-based policy access control description language, considered in the work of Kurkowski, et al [KUP02], needs the minor modifications of Ponder language. In particular, these modifications concern the syntax of an authorization policy (see Figure 2).…”

Section: Inst ( Auth+mentioning

confidence: 99%

“…The names of credentials and use-condition certificates (see Definition I and 2) correspond also with names of classes and their parametric constructors. Definitions I and 2 omit the description of destructors; their syntax and semantic can be found in the work of Kurkowski, et al [KUP02].…”

Section: Certificate-based Access Controlmentioning

confidence: 99%

“…This paper outlines that such mapping can be done. Furthermore, we show that logic-based access control rules presented by Kurkowski [KUP02] can be expressed in a high level formulation of Ponder language (Damianou, et al (DDLOO], Damianou [DNC02]) and easily interchangeable, and both human and machine-readable.…”

Section: Introductionmentioning

confidence: 99%

“…Some proposal of such logic-based language is presented in the work of Kurkowski, et at. (KUP02]. This language can be used mainly to analyzing the policy specification, but can be also directly mapped to an implementation.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Artificial Intelligence and Security in Computing Systems

Sołdek¹,

Drobiazgiewicz²

2003

View full text Add to dashboard Cite

Section: Discussionmentioning

confidence: 95%

Section: Inst ( Auth+mentioning

confidence: 99%

Section: Certificate-based Access Controlmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Artificial Intelligence and Security in Computing Systems

Sołdek¹,

Drobiazgiewicz²

2003

View full text Add to dashboard Cite

Trust Enhanced Authorization for Mobile Agents

Ruan

Varadharajan

2009

E-Commerce and Web Technologies

View full text Add to dashboard Cite

Logical Language of Certificate-Based Access Control in Security Models

Kucherov

Bogulskaya

2017

Proceedings of the 2017 International Conference on Cryptography, Security and Privacy

View full text Add to dashboard Cite

Over the last decades, we have seen several policy models, including role-based access control and more recently, certificatebase control. These models are based on the important notion "flow relation". In this work, we present a logical language of certificate-based access control. Our model presents the formal method of reasoning for discretionary access and defines logic to express a discretionary policy. We introduce, instead, material implication widely used in mathematics, and we show in a case study its ease in every sense. We find it allows the policy specifications to be interpreted more conveniently by practitioners and implemented in a simple way. Our evaluation shows that policies defined with material implication can be used for creation of the specification of a trust relationships policy and for checking safety of any computer system. CCS Concepts• Security and privacy~Access control• Security and privacy~Information flow control • Security and privacy~Software security engineering. XML code: 10002978.10002991.10002993 Security and privacy~Access control 500 10002978.10003006.10011608 Security and privacy~Information flow control 300 10002978.10003022.10003023 Security and privacy~Software security engineering 100 Keywords access control policy languages; access control model; authorization; logic functions; information flow model INTRODUCTIONMonitoring of access is understood as methods or mechanisms which define whether the request for access to any resource shall be resolved or forbidden. It is known that each distributed access control system should contain an information protection subsystem, which must be based on precisely defined mathematical models for controlling access to this information. In our article we propose the flow-based logic model for interpreting the basic events and properties of the distributed access control systems. Our goal is to develop the logic and the formal language that can be used for making a security policy specification and for checking any computer system security. We can prove some important properties of this logic and show on a case study how our logical language can express some access control policies proposed so far. This can be achieved with introducing certificates. The certificate-based access control is aimed at specifying security policies for access to resources from untrusted sources, e.g. via the Internet. Recently, the work on logic-based access models and certificatebased authorization has been intensified. Formal reasoning techniques on security models and access policy specifications have been presented, e.g. [1 5]. These models are usually based on the modal lo...

show abstract

A Propositional Logic for Access Control Policy in Distributed Systems

Cited by 3 publications

References 4 publications

Artificial Intelligence and Security in Computing Systems

Artificial Intelligence and Security in Computing Systems

Trust Enhanced Authorization for Mobile Agents

Logical Language of Certificate-Based Access Control in Security Models

Contact Info

Product

Resources

About