Using first-order logic to reason about policies

Proceedings of the Computer Security Foundations Workshop

Volumn 2003-January, Issue , 2003, Pages 187-201

  Halpern, J Y ^a   Weissman, V ^a  

^a Department of Obstetrics Gynecology   (United States)

Author keywords

Automatic logic units; Engines; Government; Logic design; Markup languages; Natural languages; Polynomials; Prototypes; Research initiatives; Software libraries

Indexed keywords

COMPUTATIONAL LINGUISTICS; ENGINES; LOGIC DESIGN; MARKUP LANGUAGES; POLYNOMIALS; SECURITY OF DATA; SECURITY SYSTEMS; SEMANTICS; SOFTWARE PROTOTYPING;

GOVERNMENT; LOGIC UNIT; NATURAL LANGUAGES; PROTOTYPES; RESEARCH INITIATIVES; SOFTWARE LIBRARIES;

FORMAL LOGIC;

EID: 84942243858     PISSN: 10636900     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSFW.2003.1212713     Document Type: Conference Paper

References (36)

1. M. Abadi, M. Burrows, B. Lampson, and G. D. Plotkin. A calculus for access control in distributed systems. ACM Trans. Prog. Lang. Syst., 15(4):706-734, 1993.
2. E. Bertino, C. Bettini, E. Ferrari, and P. Samarati. An access control model supporting periodicity constraints and temporal reasoning. ACM Transactions on Database Systems, 23(3):231-285, 1998.
3. M. Blaze, J. Feigenbaum, J. Ioannidis, and A. Keromytis. The keynote trust management system. http://www.cis.upenn.edu/~angelos/keynote.html.
4. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proceedings 1996 IEEE Symposium on Security and Privacy, pages 164-173, 1996.
5. M. Blaze, J. Feigenbaum, and M. Strauss. Compliance checking in the PolicyMaker trust management system. In Proceedings of Financial Cryptography 1998, pages 254-274, 1998.
6. M. Blaze, J. Ioannidis, and A. Keromytis. Trust management for IPsec. In Proceedings of the Network and Distributed System Security Symposium (NDSS), pages 139-151, 2001.
7. E. Borger, E. Gradel, and Y. Gurevich. The Classical Decision Problem. Springer-Verlag, Berlin Heidelberg, 1nd edition, 1997.
8. C.-L. Chang and R. C.-T. Lee. Symbolic Logic and Mechanical Theorem Proving. Academic Press, Boston, 1973.
9. J. Chomicki, J. Lobo, and S. Naqvi. A logic programming approach to conflict resolution in policy management. In Principles of Knowledge Representation and Reasoning: Proc. Ninth International Conference (KR '00), pages 121-132, 2000.
10. ContentGuard. XrML: The digital rights language for trusted content and services. http://www.xrml.org/, 2001.
11. J. DeTreville. Binder, a logic-based security language. In Proceedings 2002 IEEE Symposium on Security and Privacy, pages 95-103, 2002.
12. C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen. Simple public key certificate. At http://world.std.com/~cme/spki.txt, 1999. Internet RFC 2693.
13. C. Ellison, B. Frantz, B. Lampson, R. Rivest, B. Thomas, and T. Ylonen. SPKI certificate theory. At http://www.ietf.org/html.charters/spki-charter.html, 1999. Internet RFC 2693.
14. H. B. Enderton. A Mathematical Introduction to Logic. Academic Press, New York, 1972.
15. D. Ferraiolo, J. Barkley, and D. Kuhn. A role based access control model and reference implementation within a corporate intranet. ACM Transactions on Information and System Security, 1(2):34-64, 1999.
16. H. Garcia-Molina, J. D. Ullman, and J. Widom. Database Systems: The Complete Book. Prentice Hall, New Jersey, 2002.
17. P. Griffiths and B. Wade. An authorization mechanism for a relational database system. ACM Transactions on Database Systems, 1(3):242-255, 1976.
18. J. Y. Halpern, R. van der Meyden, and F. Schneider. Logical foundations for trust management. manuscript, 1999.
19. J. Y. Halpern and V. Weissman. A practical approach to analyzing policy languages. In preparation., 2003.
20. M. Hitchens and V. Varadharajan. Tower: A language for role based access control. In Proc. International Workshop of Policies for Distributed Systems and Networks, pages 88-106, 2001.
21. R. Iannella. ODRL: The open digital rights language initiative. http://odrl.net/, 2001.
22. Y. Ioannidis and T. Sellis. Supporting inconsistent rules in database systems. Journal of Intelligent Information Systems, 1(3/4):243-270, 1992.
23. S. Jajodia, P. Samarati, M. L. Sapino, and V. Subrahmanian. Flexible support for multiple access control policies. ACM Transactions on Database Systems, 26(2):214-260, 2001.
24. T. Jim. Sd3: A trust management system with certified evaluation. In Proceedings 2001 IEEE Symposium on Security and Privacy, pages 106-115, 2001.
25. N. Li, B. N. Grosof, and J. Feigenbaum. Delegation Logic: A logic-based approach to distributed authorization. ACM Transaction on Information and System Security (TISSEC), Feb. 2003.
26. N. Li and J. C. Mitchell. Datalog with constraints: A foundation for trust management languages. In Proceedings of the Fifth International Symposium on Practical Aspects of Declarative Languages, Jan. 2003.
27. N. Li, J. C. Mitchell, and W. H. Winsborough. Design of a role-based trust-management framework. In Proceedings 2002 IEEE Symposium on Security and Privacy, pages 114-130, 2002.
28. L. McCarty. Permissions and obligations. In Proc. Int. Joint Conf. on Artificial Intelligence, pages 287-294, 1983.
29. J.-J. C. Meyer. A different approach to deontic logic: Deontic logic viewed as a variant of dynamic logic. Notre Dame Journal of Formal Logic, 29(1), 1988.
30. A. Nerode and R. Shore. Logic for Applications. Springer-Verlag, New York, 2nd edition, 1997.
31. P. R. P. C. Kanellakis, G. M. Kuper. Constraint query languages. Journal of Computer and System Sciences, 51(1):26-52, 1995.
32. S. Payette and T. Staples. The Mellon Fedora project: Digital library architecture meets xml and web services. In European Conference on Research and Advanced Technology for Digital Libraries, pages 406-421, 2002. http://www.fedora.info/documents/ecdl2002final.pdf.
33. P. Revesz. Constraint databases: A survey. In Proceedings of the Workshop on Semantics in Databases, pages 209-246, 1998.
34. R. Rivest and B. Lampson. SDSI - a simple distributed security infrastructure. http://theory.lcs.mit.edu/~cis/sdsi.html, 1996.
35. A. Robbins. UNIX in a nutshell: System V Edition. O'Reilly and Associates, Inc., 1999.
36. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38-47, 1996.