Logic Program for Authorizations
نویسنده
چکیده
As a security mechanism, authorization is to provide access control to the system resources according to the polices and rules specified by the security strategies. Either by update or in the initial specification, conflicts in authorization is an issue needs to be solved. In this paper, we propose a new approach to solve conflict by using prioritized logic programs and discuss the uniqueness of its answer set. Addressing conflict resolution from logic programming viewpoint and the uniqueness analysis of the answer set provide a novel, efficient approach for authorization conflict resolution. Keywords— authorization, formal specification, conflict resolution, prioritized logic program.
منابع مشابه
A Temporal Access Control Mechanism for Database Systems
This paper presents a discretionary access control model in which authorizations contain temporal intervals of validity. An authorization is automatically revoked when the associated temporal interval expires. The proposed model provides rules for the automatic derivation of new authorizations from those explicitly speci ed. Both positive and negative authorizations are supported. A formal de n...
متن کاملA Logic for Reasoning About Time-Dependent Access Control Policies
Allowing access to resources, including data and hardware, without compromising their security is a fundamental challenge in computer science. Because of the number and complexity of authorization policies in access control systems, it is clear that ad hoc methods for specifying and enforcing policies cannot inspire a high degree of trust. Authorization logics have been proposed as a theoretica...
متن کاملη Logic: An Authorization Logic with Explicit Time
Allowing access to resources, including data and hardware, without compromising their security is a fundamental challenge in computer science. Because of the number and complexity of authorization policies in access control systems, it is clear that ad hoc methods for specifying and enforcing policies cannot inspire a high degree of trust. Authorization logics have been proposed as a theoretica...
متن کاملA Logic Model for Temporal Authorization Delegation with Negation
In this paper, we present a logic based approach to temporal decentralized authorization administration that supports time constrained authorization delegations, both positive and negative authorizations, and implicit authorizations. A set of domain-independent rules are given to capture the features of temporal delegation correctness, temporal conflict resolution and temporal authorization pro...
متن کاملA Proof-Carrying File System with Revocable and Use-Once Certificates
We present the design and implementation of a file system which allows authorizations dependent on revocable and use-once policy certificates. Authorizations require explicit proof objects, combining ideas from previous authorization logics and Girard’s linear logic. Useonce certificates and revocations lists are maintained in a database that is consulted during file access. Experimental result...
متن کامل