Logic Based Authorization Policy Engineering
نویسنده
چکیده
This paper presents an engineering process for authorization policy development. This process includes formal specification, verification, testing and integration. A general architecture along with supporting toolset is described. In addition, a practical solution based on logic programming is further discussed. Finally, an example demonstrating the application of the methodology is provided.
منابع مشابه
A Logic-Based Authorization Framework and Implementation
In access control, it is a reasonable requirement that authorization mechanism can be implemented intelligently by logic programs. We propose an authorization framework based on logic programs, ranging from design, analysis, and implementation. Our proposed framework is powerful and useful, with RBAC features, flexible authorization, logic-based formalization and integration of policies. It can...
متن کاملMa(dl): a Normative Logic for Authorization in Semantic-aware Environments
Semantic technology provides an abstraction layer above existing computational environments, especially the Web, to give information a well-defined meaning. Moving toward semanticaware environments imposes new security requirements. One of the most important requirement is the authorization and security policy inference based on the existing semantic relationships in the abstract (conceptual) l...
متن کاملA Logical Approach to Access Control, Security, and Trust
Designers, auditors, and certifiers of trustworthy systems must rigorously assess compliance with security policies. Because security is best built into systems at all levels of abstraction, engineers and other practitioners who design, verify, or certify trustworthy systems need the capability to reason rigorously about security policies in general, and access decisions in particular. What is ...
متن کاملDistributed System Security via Logical Frameworks
We describe a project to advance security in distributed systems via the application of logical frameworks. At the heart of the effort lies an authorization logic which plays a triple role: (1) to specify an access-control policy as a logical theory, (2) to enforce the policy by mechanically verifying proofs in the logic, and (3) to reason about the policy by characterizing the space of all pos...
متن کاملExpressing Privacy Policies Using Authorization Views
In this paper, we design a rule-based privacy policy for the RFID Ecosystem, an RFID-based ubiquitous computing system. We start from the physical access control (PAC) rule (Kriplean et al., IEEE Pervasive Computing 2007) that provides a default level of privacy but constrains the possible set of applications. We extend it by using principled ways of defining other access control rules that ret...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2002