Skip to main content
SpringerLink
Log in

New Modalities for Access Control Logics: Permission, Control and Ratification

  • Conference paper
Security and Trust Management (STM 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7170))

Included in the following conference series:

Abstract

We present a new modal access control logic, ACL + , to specify, reason about and enforce access control policies. The logic includes new modalities for permission, control, and ratification to overcome some limits of current access control logics. We present a Hilbert-style proof system for ACL +  and a sound and complete Kripke semantics for it. We exploit the Kripke semantics to define Seq-ACL + : a sound, complete and cut-free sequent calculus for ACL + , implying that ACL +  is at least semi-decidable. We point at a Prolog implementation of Seq-ACL +  and discuss possible extensions of ACL +  with axioms for subordination between principals.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abadi, M.: Logic in access control. In: Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science (LICS), pp. 228–233 (2003)

    Google Scholar 

  2. Abadi, M.: Variations in Access Control Logic. In: van der Meyden, R., van der Torre, L. (eds.) DEON 2008. LNCS (LNAI), vol. 5076, pp. 96–109. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  3. Abadi, M.: Logic in access control (tutorial notes). In: Proceedings of the 9th International School on Foundations of Security Analysis and Design (FOSAD), pp. 145–165 (2009)

    Google Scholar 

  4. Basin, D., D’Agostino, M., Gabbay, D.M., Matthews, S., Viganó, L.: Labelled Deduction. Springer, Heidelberg (2000)

    Book  MATH  Google Scholar 

  5. Bauer, L.: Access Control for the Web via Proof-Carrying Authorization. Ph.D. thesis, Princeton University (2003)

    Google Scholar 

  6. Bauer, L., Garriss, S., McCune, J.M., Reiter, M.K., Rouse, J., Rutenbar, P.: Device-Enabled Authorization in the Grey System. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 431–445. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  7. Becker, M.Y., Fournet, C., Gordon, A.D.: SecPAL: Design and semantics of a decentralized authorization language. Journal of Computer Security 18(4), 619–665 (2010)

    Google Scholar 

  8. Boella, G., Gabbay, D.M., Genovese, V., van der Torre, L.: Fibred security language. Studia Logica 92(3), 395–436 (2009)

    Article  MathSciNet  MATH  Google Scholar 

  9. Dinesh, N., Joshi, A.K., Lee, I., Sokolsky, O.: Permission to speak: A logic for access control and conformance. Journal of Logic and Algebraic Programming 80(1), 50–74 (2011)

    Article  MathSciNet  MATH  Google Scholar 

  10. Garg, D.: Principal centric reasoning in constructive authorization logic. In: Informal Proceedings of Intuitionistic Modal Logic and Application (IMLA) (2008), Full version available as Carnegie Mellon Technical Report CMU-CS-09-120

    Google Scholar 

  11. Garg, D., Abadi, M.: A Modal Deconstruction of Access Control Logics. In: Amadio, R.M. (ed.) FOSSACS 2008. LNCS, vol. 4962, pp. 216–230. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  12. Garg, D., Pfenning, F.: Non-interference in constructive authorization logic. In: Proceedings of the 19th IEEE Computer Security Foundations Workshop (CSFW), pp. 283–293 (2006)

    Google Scholar 

  13. Garg, D., Pfenning, F.: A proof-carrying file system. In: Proceedings of the 31st IEEE Symposium on Security and Privacy, Oakland, pp. 349–364 (2010)

    Google Scholar 

  14. Genovese, V., Giordano, L., Gliozzi, V., Pozzato, G.L.: A constructive conditional logic for access control: A preliminary report. In: Proceedings of the 19th European Conference on Artificial Intelligence (ECAI), pp. 1073–1074 (2010)

    Google Scholar 

  15. Genovese, V., Giordano, L., Gliozzi, V., Pozzato, G.L.: Logics for access control: A conditional approach. In: Informal Proceedings of the 1st Workshop on Logic in Security (LIS), pp. 78–92 (2010)

    Google Scholar 

  16. Genovese, V., Giordano, L., Gliozzi, V., Pozzato, G.L.: A Conditional Constructive Logic for Access Control and its Sequent Calculus. In: Brünnler, K., Metcalfe, G. (eds.) TABLEAUX 2011. LNCS, vol. 6793, pp. 164–179. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  17. Gurevich, Y., Neeman, I.: Logic of infons: The propositional case. ACM Transactions on Computational Logic 12(2), 1–28 (2011)

    Article  MathSciNet  Google Scholar 

  18. Lampson, B.W., Abadi, M., Burrows, M., Wobber, E.: Authentication in distributed systems: Theory and practice. ACM Transactions on Computer Systems 10(4), 265–310 (1992)

    Article  Google Scholar 

  19. Negri, S.: Proof analysis in modal logic. Journal of Philosophical Logic 34, 507–544 (2005)

    Article  MathSciNet  MATH  Google Scholar 

  20. Negri, S., von Plato, J.: Proof Analysis. Cambridge University Press (2011)

    Google Scholar 

  21. Schneider, F.B., Walsh, K., Sirer, E.G.: Nexus Authorization Logic (NAL): Design rationale and applications. ACM Transcations on Information and System Security 14(1), 1–28 (2011)

    Article  Google Scholar 

  22. Wobber, E., Abadi, M., Burrows, M.: Authentication in the taos operating system. ACM Transactions on Computer Systems 12(1), 3–32 (1994)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Luxembourg, Luxembourg

    Valerio Genovese

  2. University of Torino, Italy

    Valerio Genovese

  3. Max Planck Institute for Software Systems, Germany

    Deepak Garg

Authors
  1. Valerio Genovese
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Deepak Garg
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Naval Research Laboratory, Code 5543, 20375, Washington, DC, USA

    Catherine Meadows

  2. Department of Computer Science, University of Malaga, 29071, Málaga, Spain

    Carmen Fernandez-Gago

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Genovese, V., Garg, D. (2012). New Modalities for Access Control Logics: Permission, Control and Ratification. In: Meadows, C., Fernandez-Gago, C. (eds) Security and Trust Management. STM 2011. Lecture Notes in Computer Science, vol 7170. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29963-6_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-29963-6_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29962-9

  • Online ISBN: 978-3-642-29963-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation