On the sequence of authorization policy transformations

Yun Bai*, Yan Zhang, Vijay Varadharajan

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

In [2, 3], we proposed a model-based approach to specify the transformation of authorizations based on the principle of minimal change [1] and its application in database systems. Nevertheless, there were some limitations in this approach. Firstly, we could not represent a sequence of transformations. Secondly, default authorizations could not be expressed. In this paper, we propose two high-level formal languages, Ls and Lsd, to specify a sequence of authorization transformations and default authorizations. Our work starts with Ls, a simple, but expressive, language to specify certain sequence of authorization transformations. Furthermore, Lsd has more powerful expressiveness than Ls in the sense that constraints, causal and inherited authorizations, and general default authorizations can be specified.

Original languageEnglish
Pages (from-to)120-131
Number of pages12
JournalInternational Journal of Information Security
Volume4
Issue number1-2
DOIs
Publication statusPublished - Feb 2005

Fingerprint

Dive into the research topics of 'On the sequence of authorization policy transformations'. Together they form a unique fingerprint.

Cite this