First-Order Logic for Flow-Limited Authorization

@article{Hirsch2020FirstOrderLF,
  title={First-Order Logic for Flow-Limited Authorization},
  author={Andrew K. Hirsch and P. Amorim and Ethan Cecchetti and R. Tate and Owen Arden},
  journal={2020 IEEE 33rd Computer Security Foundations Symposium (CSF)},
  year={2020},
  pages={123-138}
}
We present the Flow-Limited Authorization First-Order Logic (FLAFOL), a logic for reasoning about authorization decisions in the presence of information-flow policies. We formalize the FLAFOL proof system, characterize its proof-theoretic properties, and develop its security guarantees. In particular, FLAFOL is the first logic to provide a non-interference guarantee while supporting all connectives of first-order logic. Furthermore, this guarantee is the first to combine the notions of non… Expand

References

SHOWING 1-10 OF 51 REFERENCES
Non-interference in constructive authorization logic
A Calculus for Flow-Limited Authorization
  • Owen Arden, A. Myers
  • Computer Science
  • 2016 IEEE 29th Computer Security Foundations Symposium (CSF)
  • 2016
Information Flow in Credential Systems
  • Moritz Y. Becker
  • Computer Science
  • 2010 23rd IEEE Computer Security Foundations Symposium
  • 2010
Nexus authorization logic (NAL): Design rationale and applications
Flow-Limited Authorization
Encoding information flow in Aura
End-to-end availability policies and noninterference
SecPAL: Design and semantics of a decentralized authorization language
DKAL: Distributed-Knowledge Authorization Language
Information flow in trust management systems
...
1
2
3
4
5
...