Algebra and logic for access control

Formal Aspects of Computing

Volumn 22, Issue 2, 2010, Pages 83-104

  Collinson, Matthew ^a   Pym, David ^a  

^a HEWLETT PACKARD LABORATORIES   (United Kingdom)

Author keywords

Access control; Logic; Process calculus; Resource; Role; Systems modelling

Indexed keywords

ACCESS CONTROL LOGIC; COMPUTER SECURITY; CONCURRENT COMPOSITION; LOGICAL CHARACTERIZATION; LOGICAL REASONING; MATHEMATICAL FRAMEWORKS; MODAL LOGIC; SYSTEM RESOURCES; SYSTEMS MODELLING;

ACCESS CONTROL; CALCULATIONS; COMPUTER CONTROL SYSTEMS; MATHEMATICAL OPERATORS; SECURITY SYSTEMS;

PROCESS CONTROL;

EID: 77954088877     PISSN: 09345043     EISSN: 1433299X     Source Type: Journal    
DOI: 10.1007/s00165-009-0107-x     Document Type: Article

References (41)

1. [Aba03] Abadi M (2003) Logic in access control. In: Proceedings of LICS'03, pp 228-233
2. [ABL93] Abadi M, Burrows M, Lampson B, Plotkin G (1993) A calculus for access control in distributed systems. ACM Trans Progrogram Lang Syst 4(15):706-734
3. [AG97] Abadi M, Gordon A (1997) A calculus for cryptographic protocols: the spi calculus. In: Proceedings conference Computer and Communications Security. ACM Press, London, pp 36-47
4. [BBC08] Baldwin A, Beres Y, Casassa Mont M, Griffin J, Shiu S (2008) Identity analytics: using modeling and simulation to improve data security decision making. Technical Report HPL-2008-2188, HP Labs, 2008. http://www.hpl.hp.com/techreports/2008/ HPL-2008-188.html
5. [BCG08] Beautement A, Coles R, Griffin J, Ioannidis C, Monahan B, Pym D, Sasse MA, Wonham M (2008) Modelling the human and technological costs and benefits of USB memory stick security. In: Johnson ME, (ed)Managing information risk and the economics of security. Springer, Heidelberg
6. [BGS08] Beres Y, Griffin J, Shiu S, Heitman M, Markle D, Ventura P (2008) Analysing the performance of security solutions to reduce vulnerability exposure window. In: Proceedings of 2008 annual computer security applications conference (ACSAC). IEEE
7. [Bir79] Birtwistle G (1979) Demos-discrete event modelling on Simula. Macmillan, New York
8. [BN07] Becker MY, Nanz S (2007) A logic for state-modifying authorization policies. In: 12th European symposium on research in computer security (ESORICS), Lecture Notes in Computer Science, vol 4734
9. [CFS96] Coyne EJ, Feinstein HL, Sandhu R, Youman CE (1996) Role-based access control models. IEEE Comput 29(2):38-47
10. [CMP08a] Collinson M, Monahan B, Pym D (2008a) Located Demos2k-towards a tool for modelling processes and distributed resources. Technical Report HPL-2008-2076, HP Labs, 2008. http://library.hp.com/techpubs/2008/HPL-2008-76. html
11. [CMP08b] Collinson M, Monahan B, Pym D (2008b) A logical and computational theory of located resource. Technical Report HPL-2008-74R1, HP Labs, 2008 (Submitted). http://library.hp.com/techpubs/2008/HPL-2008-74R1.html
12. [CMP08c] CollinsonM,Monahan B, Pym D (2008c) An update to located Demos2k. Technical Report HPL-2008-2205, HP Labs, 2008. http://library.hp.com/ techpubs/2008/HPL-2008-205.html
13. [CP09] Collinson M, Pym D (2009) Algebra and logic for resource-based systems modelling. Technical Report HPL-2009-2021, HP Labs, 2009 (Submitted). http://library.hp.com/techpubs/2009/HPL-2009-10.html.
14. [CPT07] CollinsonM, PymD, ToftsC(2007) Errata for formal aspects of computing (2006) 18:495-517 and their consequences. Formal Aspects Comput 19(4):551-554
15. [Dem] Demos2k. http://www.demos2k.org
16. [DeT02] DeTreville J (2002) Binder, a logic-based security language. In: Proceedings of 2002 IEEE symposium on security and privacy, pp 105-113
17. [GRS04] Guelev DP, Ryan MD, Schobbens P-Y (2004) Model-checking access control policies. In: Seventh information security conference (ISC'04), Lecture Notes in Computer Science, vol 3225. Springer, Heidelberg
18. [HM85] Hennessy M, Milner R (1985) Algebraic laws for nondeterminism and concurrency. J ACM 32(1):137-161
19. [Hoa85] Hoare CAR (1985) Communicating sequential processes. Prentice-Hall, Englewood Cliffs
20. [IO01] Ishtiaq S, O'Hearn PW(2001) BI as an assertion language for mutable data structures. In: Proceedings of POPL 2001. ACM, London, pp 14-26
21. [KYM06] Kamoda H, Yamaoka M, Matsuda S, Broda K, SlomanM(2006) Access control policy analysis using free variable tableaux. Information Processing Society of Japan (IPSJ) Digital Courier, vol 2
22. [LAB92] Lampson B, Abadi M, BurrowsM,Wobber E (1992) Authentication in distributed systems: theory and practice. ACM Trans Comput Syst 4(10):265-310
23. [Lam71] Lampson BW (1971) Protection. In: Proceedings of fifth Princeton symposium information sciences and systems, pp 437-443
24. [LW08] Li N, Wang Q (2008) Beyond separation of duty: An algebra for specifying high-level security policies. J ACM 55(3)
25. [Mil80] Milner R (1980) A calculus of communicating systems, Lecture Notes in Computer Science, vol 92. Springer, Heidelberg
26. [Mil83] Milner R (1983) Calculi for synchrony and asynchrony. Theor Comput Sci 25:267-310
27. [Mil89] Milner R (1989) Communication and concurrency. Prentice-Hall, Englewood Cliffs
28. [OHe07] O'Hearn PW (2007) Resources, concurrency and local reasoning. Theor Comput Sci 375(1-3):271-307
29. [OP99] O'Hearn P, Pym D (1999) The logic of bunched implications. Bull Symb Logic 5(2):215-244
30. [Plo04] Plotkin GD (2004) Structural operational semantics. J Logic Algebraic Program 60:17-139 (Original manuscript 1981)
31. [POY04] Pym D, O'Hearn P, Yang H (2004) Possible worlds and resources: the semantics of BI. Theor Comput Sci 315(1):257-305
32. [PT06] Pym D, Tofts C (2006) A calculus and logic of resources and processes. Formal Aspects Comput 18(4):495-517. Errata in [CPT07]
33. [PT07] PymD, Tofts C (2007) Systems modelling via resources and processes: philosphy, calculus, semantics, and logic. In: Cardelli L, FioreM,Winskel G (eds) Computation, meaning and logic: articles dedicated to Gordon Plotkin, Electronic Notes in Theoretical Computer Science, vol 107. Elsevier, Amsterdam, pp 545-587. Errata in [CPT07]
34. [Pym99] Pym D (1999) On bunched predicate logic. In: Proceedings of LICS'99, pp 183-192. IEEE, New York
35. [Pym02] Pym DJ (2002) The semantics and proof theory of the logic of bunched implications, Applied Logic Series, vol 26. Kluwer, Dordrecht. Errata at: http://www.cs.bath.ac.uk/~pym/BI-monograph-errata.pdf
36. [Rey02] Reynolds JC (2002) Separation logic: a logic for sharedmutable data structures. In: Proceedings of LICS'02. IEEE, NewYork, pp 55-74
37. [RSG01] Ryan P, Schneider S, Goldsmith M, Lowe G, Roscoe B (2001) The modelling and analysis of security protocols. Addison-Wesley, Reading
38. [Sch96] Schneider S (1996) Security properties and CSP. In: IEEE symposium on security and privacy, pp 174-187
39. [SMR06] Scedrov A, Mitchell JC, Ramanathan A, Teague V (2006) A probabilistic polynomial-time process calculus for the analysis of cryptographic protocols. Theor Comput Scie 353:118-164
40. [SS75] Saltzer JH, Shroeder MD (1975) The protection of information in computer systems. Proc IEEE 63(9):1278-1308
41. [Sti01] Stirling C (2001) Modal and temporal properties of processes. Springer, Heidelberg