Access control via Belnap logic: Intuitive, expressive, and analyzable policy composition
@article{Bruns2011AccessCV, title={Access control via belnap logic: Intuitive, expressive, and analyzable policy composition}, author={Glenn Bruns and Michael Huth}, journal={ACM Trans. Inf. Syst. Secur.}, year={2011}, volume={14}, pages={9:1-9:27} }
Access control to IT systems increasingly relies on the ability to compose policies. Hence there is benefit in any framework for policy composition that is intuitive, formal (and so “analyzable” and “implementable”), expressive, independent of specific application domains, and yet able to be extended to create domain-specific instances. Here we develop such a framework based on Belnap logic. An access-control policy is interpreted as a four-valued predicate that maps access requests to either…
53 Citations
Sophisticated Access Control via SMT and Logical Frameworks
- Computer Science; TSEC
- 2014
By leveraging the programmability of the underlying logical framework, the system provides exceptionally flexible ways of resolving conflicts and composing policies, and shows that the system subsumes FIA (Fine-grained Integration Algebra), an algebra recently developed for the purpose of integrating complex policies.
Relationship-based access control: its expression and enforcement through hybrid logic
- Business; CODASPY '12
- 2012
This work identifies a fragment of hybrid logic to be used for expressing relationship-based access-control policies, shows that this fragment supports important policy idioms, and demonstrates that it removes an exponential penalty in existing attempts of specifying complex relationships such as "at least three friends".
Towards Greater Expressiveness, Flexibility, and Uniformity in Access Control
- Computer Science; SACMAT
- 2018
This work proposes recasting the high-level structure of ABAC models in a logical formalism that treats all actions uniformly and that keeps existing policy languages in place by interpreting their attributes in terms of the restructured model.
Extending Multivalued Dependencies for Refactoring Access Control Policies
- Computer Science
- 2013
This paper focuses on policy refactoring, i.e., the task of finding the least permissive rewriting of a collection of policies such that the global composed policy remains identical, and argues that normalization theory can help to solve the refactored problem.
Policy-Based Access Control from Numerical Evidence
- Computer Science
- 2013
This work proposes a framework for policy languages, based on semi-rings, that aggregate quantitative evidence to support decision-making in access control systems and discusses a number of applications, including vacuity, redundancy, change-impact and safety analysis.
An Expressive, Flexible and Uniform Logical Formalism for Attribute-based Access Control
- Computer Science
- 2018
This paper recasts the high-level structure of ABAC models in a logical formalism that treats all types of actions uniformly, and provides improved flexibility in supporting a variety of different requirements depending on the domain.
Towards A Generic Formal Framework for Access Control Systems
- Computer Science; ArXiv
- 2012
This paper develops a formal characterization of the features of an access control model that imposes few restrictions, and considers the properties of monotonicity and completeness, the first being particularly important for attribute-based access control systems.
Monotonicity and Completeness in Attribute-Based Access Control
- Computer Science; STM
- 2014
This paper develops a formal characterization of the features of an access control model that imposes few restrictions, and considers the properties of monotonicity and completeness, the first being particularly important for attribute-based access control systems.
Relationships, Paths and Principal Matching: A New Approach to Access Control
- Computer Science; ArXiv
- 2015
The relationships, paths and principal matching model described here is a formal access control model using relationships and a two-stage request evaluation process that allows for more powerful policies to be defined than those based solely on the commonly used concept of role membership.
Refactoring multi-layered access control policies through (De)composition
- Computer Science; Proceedings of the 9th International Conference on Network and Service Management (CNSM 2013)
- 2013
This paper proposes a flexible access control framework able to provide a comprehensive view of the global access control policy implemented in a given system and lays down the theoretical foundations of this framework, which allows describing authorization policies from different architecture layers.
References
Access-Control Policies via Belnap Logic: Effective and Efficient Composition and Analysis
- Computer Science; 2008 21st IEEE Computer Security Foundations Symposium
- 2008
This work defines a query language in which policy analysis questions can be phrased, and establishes expressiveness results showing that all data independent policies can be expressed in the policy language.
A simple and expressive semantic framework for policy composition in access control
- Computer Science; FMSE '07
- 2007
This work defines an access control policy as a four-valued predicate that maps accesses to either grant, deny, conflict, or unspecified, and proposes a basic query language that can reduce important analyses to checks of policy refinement.
An algebra for composing access control policies
- Computer Science; TSEC
- 2002
An algebra of security policies together with its formal semantics is proposed and how to formulate complex policies in the algebra is illustrated, which provides the basis for the implementation of the algebra.
Access control policy combining: theory meets practice
- Computer Science; SACMAT '09
- 2009
A policy combining language PCL, which can succinctly and precisely express a variety of PCAs, which is based on automata theory and linear constraints, and is more expressive than existing approaches.
Using first-order logic to reason about policies
- Computer Science; 16th IEEE Computer Security Foundations Workshop, 2003. Proceedings.
- 2003
It is shown that a fragment of (multi-sorted) first-order logic can be used to represent and reason about policies, and that further restricting the fragment results in a language that is still quite expressive yet is also tractable.
Delegation logic: A logic-based approach to distributed authorization
- Computer Science; TSEC
- 2003
D1LP provides a concept of proof-of-compliance that is founded on well-understood principles of logic programming and knowledge representation, and provides a logical framework for studying delegation.
Flexible support for multiple access control policies
- Computer Science; TODS
- 2001
A unified framework that can enforce multiple access control policies within a single system and be enforced by the same security server is presented, based on a language through which users can specify security policies to be enforced on specific accesses.
Defeasible security policy composition for web services
- Computer Science; FMSE '06
- 2006
The concept of defeasible policy composition is explored, wherein policies are represented in defeasible logic and composition is based on rules for non-monotonic inference, which enables policy writers to assert rules tentatively and provides a practical system that is efficiently automated by computers.
An algebra for fine-grained integration of XACML policies
- Computer Science; SACMAT '09
- 2009
An algebra for fine-grained integration of sophisticated policies of collaborating parties, which consists of three binary and two unary operations, is able to support the specification of a large variety of integration constraints.
D-algebra for composing access control policy decisions
- Mathematics, Computer Science; ASIACCS '09
- 2009
This paper proposes a D-algebra to compose decisions from multiple access control policies, namely the analysis of policy languages decision mechanisms, and the development of tools for policy authoring and enforcement.