A Logic for Reasoning About Security

ACM Transactions on Computer Systems (TOCS)

Volumn 10, Issue 3, 1992, Pages 226-264

  Glasgow, Janice ^a   Macewen, Glenn ^a   Panangaden, Prakash ^b  

^a QUEEN S UNIVERSITY   (Canada)

^b MCGILL UNIVERSITY   (Canada)

Author keywords

composition knowledge; integrity; logic; obligation; permission; policy; possible worlds; secrecy; security; time

Indexed keywords

COMPUTER OPERATING SYSTEMS; DATA PROCESSING; DATABASE SYSTEMS; FORMAL LANGUAGES; FORMAL LOGIC; LOGIC PROGRAMMING;

COMPOSITION KNOWLEDGE; OBLIGATION; PERMISSION; POSSIBLE WORDS; SECURITY LOGIC; SPECIFIC INTEGRITY POLICY;

SECURITY OF DATA;

EID: 0026900438     PISSN: 07342071     EISSN: 15577333     Source Type: Journal    
DOI: 10.1145/146937.146940     Document Type: Article

References (46)

1. ASHCROFT, E. A., AND JAGANNATHAN, R. Operator nets. In IFIP TC-10 Conference on Fifth Generation Computer Architectures. North-Holland, Amsterdam, 1985.
2. BEN-ARI, M., MANNA, Z., AND PNUELI, A. The temporal logic of branching time. In 8th Annual ACM Symposium on Principles of Programming Languages, ACM, New York, 1981, 164-176.
3. BURROWS, M., ABADI, M., AND NEEDHAM, R. A logic of authentication. ACM Trans. Comput. Syst. 8, 1 (1990), 18-36.
4. BIBA, K. J. Integrity considerations for secure computer systems. Tech. Rep. TR-3153, MITRE Corp., April 1977.
5. BELL, D. E., AND LAPADULA, L. J. Secure computer systems: Mathematical foundations and model. Tech. Rep., MITRE Corp., Bedford, Mass., 1974.
6. BURROWS, M., NEEDHAM, R., AND ABADI, M. Authentication: A practical study in belief and action. In Proceedings of the 2nd Conference on Theoretical Aspects of Reasoning About Knowledge (Pacific Grove, Calif., 1988). ACM, New York, 1988, 325-342.
7. COMMUNICATIONS SECURITY ESTABLISHMENT, DND. Canadian Trusted Computer Product Evaluation Criteria Workshop (Ottawa, Ont., Aug. 1988).
8. CLARK, D. D., AND WILSON, D. R. A comparison of commercial and military computer security policies. In Proceedings of IEEE Symposium on Security and Privacy (Oakland, Calif., April 1987). IEEE, New York, 1987, 184-194.
9. DENNING, D. E. A lattice model of secure information flow. Commun. ACM 19, 5 (May 1976), 236-243.
10. EMERSON, E. A., AND HALPERN, J. Y. “Sometimes” and “not never” revisited. In 9th Annual ACM Symposium on Principles of Programming Languages. ACM, New York, 1982, 127-139.
11. GASSER, M. Building a Secure Computer System. Van Nostrand, New York, 1988.
12. GOGUEN, J. A., AND MESEGUER, J. Security policies and security models. In IEEE Symposium on Security and Privacy (Oakland, Calif., April 1982). IEEE, New York, 1982, 11-20.
13. GLASGOW, J. I., AND MACEWEN, G. H. The development and proof of a formal specification for a multilevel secure system. ACM Trans. Comput. Syst. 5, 2 (May 1987), 151-184.
14. GLASGOW, J. I., AND MACEWEN, G. H. Reasoning about knowledge in multilevel secure distributed systems. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland, Calif., 1988). IEEE, New York, 1988, 122-128.
15. GLASGOW, J. I., AND MACEWEN, G. H. Obligation as the basis of integrity specification. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland, Calif.,), IEEE, New York, 1982-91.
16. GLASGOW, J. I., AND MACEWEN, G. H. Obligation as the basis of integrity specification. In Proceedings of the Computer Security Foundations Workshop (Franconia, N.H.). MITRE Corp., 1988-91.
17. GLASGOW, J. I., AND MACEWEN, G. H. Obligation as the basis of integrity specification. In Proceedings of the Computer Security Foundations Workshop (Franconia, N. H., June 1989). MITRE Corp., 1989, 64-70.
18. GLASGOW, J. I., AND MACEWEN, G. H. An operator net model for distributed systems. J. Distributed Syst. 3, 4 (Sept. 1989), 196-209.
19. GLASGOW, J. I., AND MACEWEN, G. H. A logic for reasoning about security. In Proceedings of the Computer Security Foundations Workshop (Franconia, N.H., June 1990). IEEE, New York, 1990.
20. GLASGOW, J. I., MACEWEN, G. H., AND PANANGADEN, P. Reasoning about knowledge and permission in secure distributed systems. In Proceedings of the Computer Security Foundations Workshop (Franconia, N.H., 1988). IEEE, New York, 1988, 139-146. Also appears in IEEE Cipher.
21. GLASGOW, J. I., MACEWEN, G. H., AND PANANGADEN, P. Security by permission in databases. In Database Security II: Status and Prospects. Elsevier North-Holland, Amsterdam, 1988, 197-205.
22. GUTTMAN, J. D., AND NADEL, M. E. What needs security? In Proceedings of the Computer Security Foundations Workshop (Franconia, N.H., June 1988), 34-57.
23. HALPERN, J. Reasoning about knowledge. In Annual Reviews of Computer Science, Annual Reviews Inc., 1987, 21-35.
24. HINTAKKA, J. Knowledge and Belief. Cornell University Press, 1962.
25. HALPERN, J. Y., AND MOSES, Y. Knowledge and common knowledge in a distributed environment. In Proceedings of the 3rd ACM Conference on Distributed Computing. 1984, 50-61.
26. JOHNSON, D. M., AND THAYER, F. J. Stating security requirements with tolerable sets. ACM Trans. Comput. Syst. 6, 3 (Aug. 1988), 284-295.
27. JOHNSON, D. M., AND THAYER, F. J. Security and the composition of machines. In Proceedings of the Computer Security Foundations Workshop (Franconia, N.H., June 1988), 72-89.
28. KRIPKE, S. Semantical considerations of modal logic. Acta Philosophica Fennica 16 (1963), 83-94.
29. LAMPORT, L. Sometimes is sometimes not never. In Proceedings of 7th Annual ACM Symposium on Principles of Programming Languages, ACM, New York, 1980, 174-185.
30. LANDWEHR, C. E. Formal models for computer security. ACM Comput. Surv. 13, 3 (Sept. 1981), 247-278.
31. LUNT, T. F. ET AL. The Seaview formal security policy model. Tech. Rep., SRI International, Computer Science Lab., Menlo Park, Calif, Feb. 1989.
32. LUNT, T. F. ET AL. The Seaview security model. IEEE Trans. Softw. Eng. SE-16, 6 (June 1990).
33. MCCULLOUGH, A. D. Specifications for multi-level security and a hook-up property. In Proceedings of IEEE Symposium on Security and Privacy (Oakland, Calif., April 1987), IEEE, New York, 1987, 161-166.
34. MCCULLOUGH, A. D. Covert channels and degrees of insecurity. In Proceedings of the Computer Security Foundations Workshop (Franconia, N.H., June 1988), 1-33.
35. MCCULLOUGH, A. D. Non-interference and the composability of security properties. In Proceedings of IEEE Symposium on Security and Privacy (Oakland, Calif., April 1988), IEEE, New York, 1988, 177-186.
36. MCLEAN, J. Reasoning about security models. In Proceedings of IEEE Symposium on Security and Privacy (Oakland, Calif., April 1987), IEEE, New York, 1987, 123-131.
37. MCLEAN, J. The algebra of security. In Proceedings of IEEE Symposium on Security and Privacy (Oakland, Calif., April 1988), IEEE, New York, 1988, 2-7.
38. MOSER, L. A logic of knowledge and belief for reasoning about computer security. In Proceedings of the Computer Security Foundations Workshop II (Franconia, N.H., 1989), 57-63.
39. MACEWEN, G. H., POON, V. W. W., AND GLASGOW, J. I. A model for multilevel security based on operator nets. In Proceedings of IEEE Symposium on Security and Privacy (Oakland, Calif., April 1987), IEEE, New York, 1987, 150-160.
40. NATIONAL COMPUTER SECURITY CENTER. Workshop on Integrity Policy in Computer Information Systems (Waltham, Mass., Oct. 1987).
41. Proceedings of the National Computer Security Conference Dept. of Defense. 1984-88.
42. PNUELI, A. The temporal logic of concurrent programs. Theor. Comput. Sci. 13 (1981), 45-60.
43. PRIOR, A. Time and Modality. Oxford University Press, 1957.
44. RANGAN, P. V. An axiomatic basis of trust in distributed systems. In Proceedings of the 1988 IEEE Computer Society Symposium on Security and Privacy (Oakland, Calif., 1988), 204-211.
45. RUSHBY, J. M. Design and verification of secure systems. ACM SIGOPS 15, 5 (Dec. 1981), 12-21.
46. SUTHERLAND, A. D. A model of information. In Proceedings of 9th National Computer Security Conference (Gaithersburg, Md., Sept. 1986), Dept. of Defense, 175-183.