A Multimodal view on Access Control and Trust Management: Fibred Security Language
نویسندگان
چکیده
We study access control policies based on the says operator by introducing a logical framework called Fibred Security Language (FSL) which is able to deal with features like joint responsibility between sets of principals and to identify them by means of first-order formulas. FSL is based on a multimodal logic methodology. We first discuss the main contributions from the expressiveness point of view, we give semantics for the language (both for classical and intuitionistic fragment), we then prove that in order to express well-known properties like ‘speaks-for’ or ‘hand-off’, defined in terms of says, we do not need second-order logic (unlike previous approaches) but a decidable fragment of first-order logic suffices. Finally we propose a modeldriven study of the says axiomatization by constraining the Kripke models in order to respect desirable security properties.
منابع مشابه
Information Security Requirements for Implementing Electronic Health Records in Iran
Background and Goal: ICT development in recent years has created excellent developments in human social and economic life. One of the most important opportunities to use information technology is in the medical field, that the result would be electronic health record (EHR).The purpose of this research is to investigate the effects information securi...
متن کاملInformation Security Requirements for Implementing Electronic Health Records in Iran
Background and Goal: ICT development in recent years has created excellent developments in human social and economic life. One of the most important opportunities to use information technology is in the medical field, that the result would be electronic health record (EHR).The purpose of this research is to investigate the effects information securi...
متن کاملTrust Management and Security Access Controls in High Payload System Architecture
Enterprise services are commonly deployed on Internet facing applications and Mobile Apps. There is a need to have an Infrastructure and Application Framework to protect the information flow web layer and mobile apps. Trust management is being recognized in the industry along with Federated Single Sign on to cater the need of data protection at rest and in transits. Web layer need to be very li...
متن کاملEvaluation of Unified Security, Trust and Privacy Framework (UnifiedSTPF) for Federated Identity and Access Management (FIAM) Mode
Federated identity and access management systems such as Shibboleth may symbolize a boost: (i) to bring the efficiency and effectiveness in collaboration for governments, enterprises and academia, and (iii) conserve the home domain user's identity privacy in a privacy-enhanced fashion. However, the consternation is about the absence of a trusted computing based mutual trust and security es...
متن کاملTrust Management and Trust Negotiation in an Extension of SQL
Security policies of large organizations cannot be expressed in the access control policy language defined by the SQL standard and provided by widely used relational database systems, because that language does not support the decentralized policies that are common in large organizations. Trust management frameworks support decentralized policies but generally have not been designed to integrat...
متن کامل