Abstract | ||
---|---|---|
In large, and often distributed, environments, where access control information may be shared across multiple sites, the combination of individual specifications in order to define a coherent access control policy is of fundamental importance. In order to ensure non-ambiguous behaviour, formal languages, often relying on firstorder logic, have been developed for the description of access control policies. We propose in this paper a formalisation of policy composition by means of term rewriting. We show how, in this setting, we are able to express a wide range of policy combinations and reason about them. Modularity properties of rewrite systems can be used to derive the correctness of the global policy, i.e. that every access request has an answer and this answer is unique |
Year | DOI | Venue |
---|---|---|
2008 | 10.1145/1389449.1389476 | PPDP |
Keywords | Field | DocType |
fundamental importance,access request,access control information,global policy,coherent access control policy,policy combination,access control policy,formal language,firstorder logic,policy composition,security policies,security policy,first order logic,distributed systems,distributed environment,access control | Formal language,Programming language,Computer science,Correctness,Role-based access control,Theoretical computer science,Access control,Rewriting,Security policy,Modularity | Conference |
Citations | PageRank | References |
15 | 0.58 | 28 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Clara Bertolissi | 1 | 97 | 10.48 |
Maribel Fernández | 2 | 315 | 23.44 |