A semiring-based framework for the deduction/abduction reasoning in access control with weighted credentials

Bistarelli, Stefano; Martinelli, Fabio; Santini, Francesco

doi:10.1016/j.camwa.2011.12.017

Cited by 6 publications

(14 citation statements)

References 29 publications

(91 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Datalog comes with the purpose to give a uniform semantics to a weighted extension of the [3] language family, called [2], exactly as plain Datalog has been used for with RT [3]. The purpose of this section is to show how to encode the whole RT family to CHR rules, instead of Datalog .…”

Section: Translating Weighted Rt Languages To Chrmentioning

confidence: 99%

“…In [2] the authors propose a weighted variant of the Datalog [11] language, i.e., Datalog [12], which is able to deal with weights on ground facts. Datalog comes with the purpose to give a uniform semantics to a weighted extension of the [3] language family, called [2], exactly as plain Datalog has been used for with RT [3].…”

Section: Translating Weighted Rt Languages To Chrmentioning

confidence: 99%

“…The thread of this paper is the following: in order to practically implement such weighted forms of autonomic reasoning (i.e., deduction and abduction), we represent all the credentials in the RT family [2] with CHR rules and constraints. Constraint Handling Rules (CHR) [7], [8] is essentially a committed-choice language consisting of multiheaded guarded rules that rewrite constraints into simpler ones until they are solved.…”

Section: Introduction and Motivationsmentioning

confidence: 99%

“…Using constraint-based languages to represent and enforce security policies is nowadays customary in computer security [1], [2]. In this paper we focus on a weighted variant of the Role-based Trust-management language family (RT ) [3], [1] (called RT [2]), which exploits c-semiring soft constraints [4] (instead of crisp ones, as in [1]), and therefore it is able to deal with weights associated with credentials.…”

Section: Introduction and Motivationsmentioning

confidence: 99%

“…In this paper we focus on a weighted variant of the Role-based Trust-management language family (RT ) [3], [1] (called RT [2]), which exploits c-semiring soft constraints [4] (instead of crisp ones, as in [1]), and therefore it is able to deal with weights associated with credentials. In this way, to check if the collected credentials grant the access to a given service (for example), we also receive a global feedback-score on satisfying this access process.…”

Section: Introduction and Motivationsmentioning

confidence: 99%

See 4 more Smart Citations

An Improved Role-Based Access to Android Applications with JCHR

Bistarelli

Costantino

Martinelli

et al. 2014

2014 Ninth International Conference on Availability, Reliability and Security

Self Cite

View full text Add to dashboard Cite

In this paper we show how deductive and abductive reasoning in distributed authorisation can be efficiently ported to Android. Such logical-inference processes prove to be important tools due to the intrinsic autonomic-nature of these mobile devices. Both deduction and abduction are represented by using Constraint Handling Rules (CHR), a high-level declarative constraint programming-language, and implemented in JCHR (CHR embedded into Java). To represent credentials we elaborate on RT , a weighted Role-based Trust-management family of languages: CHR programs are developed after such languages. In general, having weights associated with credentials leads to a more informative reasoning; for instance, access can be granted only if the total uncertainty is less than 20%.

show abstract

Section: Translating Weighted Rt Languages To Chrmentioning

confidence: 99%

Section: Translating Weighted Rt Languages To Chrmentioning

confidence: 99%

Section: Introduction and Motivationsmentioning

confidence: 99%

Section: Introduction and Motivationsmentioning

confidence: 99%

Section: Introduction and Motivationsmentioning

confidence: 99%

See 3 more Smart Citations

An Improved Role-Based Access to Android Applications with JCHR

Bistarelli

Costantino

Martinelli

et al. 2014

2014 Ninth International Conference on Availability, Reliability and Security

Self Cite

View full text Add to dashboard Cite

show abstract

Quantitative Evaluation of Enforcement Strategies

Ciancia

Martinelli

Matteucci

et al. 2014

Foundations and Practice of Security

Self Cite

View full text Add to dashboard Cite

In Security, monitors and enforcement mechanisms run in parallel with programs to check, and modify their run-time behaviour, respectively, in order to guarantee the satisfaction of a security policy. For the same policy, several enforcement strategies are possible. We provide a framework for quantitative monitoring and enforcement. Enforcement strategies are analysed according to user-defined parameters. This is done by extending the notion controller processes, that mimics the well-known edit automata, with weights on transitions, valued in a C-semiring. C-semirings permit one to be flexible and general in the quantitative criteria. Furthermore, we provide some examples of orders on controllers that are evaluated under incomparable criteria. * The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grants no 256980 (NESSoS) and no 295354 (SESAMO).

show abstract

Constraint Handling Rules - What Else?

Frühwirth

2015

Rule Technologies: Foundations, Tools, and Applications

View full text Add to dashboard Cite

Abstract. Constraint Handling Rules (CHR) is both an effective concurrent declarative constraint-based programming language and a versatile computational formalism. While conceptually simple, CHR is distinguished by a remarkable combination of desirable features:-a semantic foundation in classical and linear logic, -an effective and efficient sequential and parallel execution model -guaranteed properties like the anytime online algorithm properties -powerful analysis methods for deciding essential program properties. This overview of some CHR-related research and applications is by no means meant to be complete. Essential introductory reading for CHR provide the survey article [125] and the books [56,63]. Up-to-date information on CHR can be found online at the CHR web-page www. constraint-handling-rules.org, including the slides of the keynote talk associated with this article. In addition, the CHR website dtai. cs.kuleuven.be/CHR/ offers everything you want to know about CHR, including online demo versions and free downloads of the language. Executive SummaryConstraint Handling Rules (CHR) [56] tries to bridge the gap between theory and practice, between logical specification and executable program by abstraction through constraints and the concepts of computational logic. CHR has its roots in constraint logic programming and concurrent constraint programming, but also integrates ideas from multiset transformation and rewriting systems as well as automated reasoning and theorem proving. It seamlessly blends multi-headed rewriting and concurrent constraint logic programming into a compact userfriendly rule-based programming language. CHR consists of guarded reactive rules that transform multisets of relations called constraints until no more change occurs. By the notion of constraint, CHR does not need to distinguish between data and operations, and its rules are both descriptive and executable.In CHR, one distinguishes two main kinds of rules: Simplification rules replace constraints by simpler constraints while preserving logical equivalence, e.g., X≤Y∧Y≤X ⇔ X=Y. Propagation rules add new constraints that are logically redundant but may cause further simplification, e.g., X≤Y∧Y≤Z ⇒ X≤Z. Together with X≤X ⇔ true, these rules encode the axioms of a partial order relation. The rules compute its transitive closure and replace inequalities ≤ by equalities = whenever possible. For example, A≤B∧B≤C∧C≤A becomes A=B∧B=C. More program examples can be found in Section 2. Semantics of CHR are discussed in Section 3.

show abstract

A semiring-based framework for the deduction/abduction reasoning in access control with weighted credentials

Cited by 6 publications

References 29 publications

An Improved Role-Based Access to Android Applications with JCHR

An Improved Role-Based Access to Android Applications with JCHR

Quantitative Evaluation of Enforcement Strategies

Constraint Handling Rules - What Else?

Contact Info

Product

Resources

About