Abstract
In a multi-user, information-sharing computer systems, authorization policy is needed to ensure that the information flows in the desired way and to prevent illegal access to the system resource. Usually such policy has a temporal property. That is, it needs to be updated to capture the changing requirements of applications, systems and users. These updates are implemented via transformation of authorization policies. In this paper, we propose two high-level formal languages L and L d to specify the transformation of authorizations in secure computer systems. L is a simple language that can be used to specify a sequence of authorization transformations. Though it has a simple syntax and semantics, we show that L is expressive enough to specify some well-known examples of authorization transformations. Language L d is an augmentation of L which includes default propositions within the domain description of authorization policies. However, the semantics of L d is not just a simple extension of the semantics of L. We show that L d is more expressive than L in that constraints, causal and inherited authorizations, and general default authorizations can be specified.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Y. Bai and V. Varadharajan, A logic for state transformations in authorization policies. the Proceedings of the 10th IEEE Computer Security Foundations Workshop, pp 173–182, Massachusetts, June, 1997.
D. F. C. Brewer and M. J. Nash, The Chinese wall security policy. Proceedings of IEEE Symposium on Security and Privacy, pp 215–228, Oakland, May 1989.
T. S-C. Chou, M. Winslett, Immortal: a Model-based Belief Revision System, The 2nd International Conference on Principles of Knowledge Representation and Reasoning, Morgan Kaufman Publishers Inc. pp 99–110, 1991.
M. Gelfond and V. Lifschitz, Classical negation in logic programs and disjunctive databases. New Generation Computing, 9:365–385, 1991.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bai, Y., Varadharajan, V. (1999). On Formal Languages for Sequences of Authorization Transformations. In: Felici, M., Kanoun, K. (eds) Computer Safety, Reliability and Security. SAFECOMP 1999. Lecture Notes in Computer Science, vol 1698. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48249-0_32
Download citation
DOI: https://doi.org/10.1007/3-540-48249-0_32
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66488-8
Online ISBN: 978-3-540-48249-9
eBook Packages: Springer Book Archive