In this paper, we propose a logic based approach to specify and to reason about transformation of authorization policies. The authorization policy is specified using a policy base which comprises a finite set of facts and access constraints. We define the structure of the policy transformation and employ a model-based semantics to perform the transformation under the principle of minimal change. Furthermore, we extend model-based semantics by introducing preference ordering to resolve possible conflicts during transformation of policies. We also discuss the implementation of the model-based transformation approach and analyse the complexity of the algorithms introduced. Our system is able to represent both implicit and incomplete authorizat...
Reasoning about authorization policies has been a prominent issue in information security research. ...
In this paper, we propose a logic program based formulation that supports delegatable authorizations...
Abstract. Many languages and algebras have been proposed in recent years for the specification of au...
Most of today's information systems are quite complex and often involve multi-user resource-sharing....
Abstract In [2,3], we proposed a model-based approach to specify the transformation of authorization...
In [2, 3], we proposed a model-based approach to specify the transformation of authorizations based ...
A major drawback of existing access control systems is that they have all been developed with a spec...
Despite considerable advancements in the area of access control and authorization languages, current...
Despite considerable advancements in the area of access control and authorization languages, current...
An authorization policy states the conditions under which an action is permitted or forbidden. In th...
In most systems, authorization is specified using some low-level system-specific mechanisms, e.g. pr...
Abstract. Many frameworks for defining authorization policies fail to make a clear distinction betwe...
Constraint systems provide techniques for automatically analyzing the conformance of low-level acces...
International audienceFormal methods for the specification and analysis of security policies have dr...
Authorization policies provide access control to the system resource. This paper proposes a formal m...
Reasoning about authorization policies has been a prominent issue in information security research. ...
In this paper, we propose a logic program based formulation that supports delegatable authorizations...
Abstract. Many languages and algebras have been proposed in recent years for the specification of au...
Most of today's information systems are quite complex and often involve multi-user resource-sharing....
Abstract In [2,3], we proposed a model-based approach to specify the transformation of authorization...
In [2, 3], we proposed a model-based approach to specify the transformation of authorizations based ...
A major drawback of existing access control systems is that they have all been developed with a spec...
Despite considerable advancements in the area of access control and authorization languages, current...
Despite considerable advancements in the area of access control and authorization languages, current...
An authorization policy states the conditions under which an action is permitted or forbidden. In th...
In most systems, authorization is specified using some low-level system-specific mechanisms, e.g. pr...
Abstract. Many frameworks for defining authorization policies fail to make a clear distinction betwe...
Constraint systems provide techniques for automatically analyzing the conformance of low-level acces...
International audienceFormal methods for the specification and analysis of security policies have dr...
Authorization policies provide access control to the system resource. This paper proposes a formal m...
Reasoning about authorization policies has been a prominent issue in information security research. ...
In this paper, we propose a logic program based formulation that supports delegatable authorizations...
Abstract. Many languages and algebras have been proposed in recent years for the specification of au...