On formal languages for sequences of authorization transformations

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contribution

1 Citation (Scopus)

Abstract

In a multi-user, information-sharing computer systems, authorization policy is needed to ensure that the information flows in the desired way and to prevent illegal access to the system resource. Usually such policy has a temporal property. That is, it needs to be updated to capture the changing requirements of applications, systems and users. These updates are implemented via transformation of authorization policies. In this paper, we propose two high-level formal languages L and L d to specify the transformation of authorizations in secure computer systems. L is a simple language that can be used to specify a sequence of authorization transformations. Though it has a simple syntax and semantics, we show that L is expressive enough to specify some well-known examples of authorization transformations. Language L d is an augmentation ofL which includes default propositions within the domain description of authorization policies. However, the semantics of L d is not just a simple extension of the semantics of L. We show that L d is more expressive than L in that constraints, causal and inherited authorizations, and general default authorizations can be specified.

Original languageEnglish
Title of host publicationComputer Safety, Reliability and Security
Subtitle of host publication18th International Conference, SAFECOMP’99 Toulouse, France, September 27–29, 1999 Proceedings
EditorsMassimo Felici, Karama Kanoun
Place of PublicationPiscataway, N.J.
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages375-384
Number of pages10
ISBN (Electronic)9783540482499
ISBN (Print)3540664882, 9783540664888
DOIs
Publication statusPublished - Sep 1999
Externally publishedYes
Event18th International Conference on Computer Safety, Reliability and Security, SAFECOMP - 1999 - Toulouse, France
Duration: 27 Sep 199929 Sep 1999

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume1698
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other18th International Conference on Computer Safety, Reliability and Security, SAFECOMP - 1999
CountryFrance
CityToulouse
Period27/09/9929/09/99

Keywords

  • Authorization policies
  • Default logic
  • Formal language
  • Policy transformation

Fingerprint Dive into the research topics of 'On formal languages for sequences of authorization transformations'. Together they form a unique fingerprint.

Cite this