Nexus Authorization Logic (NAL): Logical Results
Authors
Abstract
Nexus Authorization Logic (NAL) [Schneider et al. 2011] is a logic for reasoning about authorization in distributed systems. A revised version of NAL is given here, including revised syntax, a revised proof theory using localized hypotheses, and a new Kripke semantics. The proof theory is proved sound with respect to the semantics, and that proof is formalized in Coq.
Similar resources
Distributed System Security via Logical Frameworks
We describe a project to advance security in distributed systems via the application of logical frameworks. At the heart of the effort lies an authorization logic which plays a triple role: (1) to specify an access-control policy as a logical theory, (2) to enforce the policy by mechanically verifying proofs in the logic, and (3) to reason about the policy by characterizing the space of all pos...
Reasoning about the Consequences of Authorization Policies in a Linear Epistemic Logic
Authorization policies are not stand-alone objects: they are used to selectively permit actions that change the state of a system. Thus, it is desirable to have a framework for reasoning about the semantic consequences of policies. To this end, we extend a rewriting interpretation of linear logic with connectives for modeling affirmation, knowledge, and possession. To cleanly confine semantic e...
A Logical Framework for Reasoning on Data Access Control Policies
In this paper we propose a logic formalism that naturally supports the encoding of complex security specifications. This formalism relies on a hierarchically structured domain made of subjects, objects and privileges. Authorizations are expressed by logic rules. The formalism supports both negation by failure (possibly unstratified) and true negation. The latter is used to express negative auth...
Modeling Trust Management System for Grids
Grid computing has been widely accepted as a promising paradigm for large-scale resources sharing in recent years. However, the general authorization mechanism, called trust management system, for grids is not well-understood. The purpose of this paper is to provide a logic-based formal approach to modeling authorization mechanisms of grids. We develop a logic-based language, called Trust Logic, ...
A Linear Logic of Authorization and Knowledge
We propose a logic for specifying security policies at a very high level of abstraction. The logic accommodates the subjective nature of affirmations for authorization and knowledge without compromising the objective nature of logical inference. In order to accurately model consumable authorizations and resources, we construct our logic as a modal enrichment of linear logic. We show that the lo...
Journal title:
- CoRR
Volume abs/1211.3700 Issue
Pages -
Publication date 2012