Formal Aspects of Computing, Volume 22, Issue 2, pp 83–104

Algebra and logic for access control

Original Article

Abstract

The access control problem in computer security is fundamentally concerned with the ability of system entities to see, make use of, or alter various system resources. We provide a mathematical framework for modelling and reasoning about (distributed) systems with access control. This is based on a calculus of resources and processes together with a Hennessy–Milner-style modal logic, based on the connectives of bunched logic, for which an appropriate correspondence theorem obtains. As a consequence we get a consistent account of both operational behaviour and logical reasoning for systems with access control features. In particular, we are able to introduce a process combinator that describes, as a form of concurrent composition, the action of one agent in the role of another, and provide a logical characterization of this operator via a modality ‘says’. We give a range of examples, including analyses of co-signing, roles, and chains of trust, which illustrate the utility of our mathematical framework.

Keywords

Access control; Role; Systems modelling; Process calculus; Resource; Logic


References

  1. [Aba03] Abadi M (2003) Logic in access control. In: Proceedings of LICS’03, pp 228–233
  2. [ABL93] Abadi M, Burrows M, Lampson B, Plotkin G (1993) A calculus for access control in distributed systems. ACM Trans Program Lang Syst 4(15): 706–734
  3. [AG97] Abadi M, Gordon A (1997) A calculus for cryptographic protocols: the spi calculus. In: Proceedings of the conference on Computer and Communications Security. ACM Press, London, pp 36–47
  4. [BBC08] Baldwin A, Beres Y, Casassa Mont M, Griffin J, Shiu S (2008) Identity analytics: using modeling and simulation to improve data security decision making. Technical Report HPL-2008-188, HP Labs. http://www.hpl.hp.com/techreports/2008/HPL-2008-188.html
  5. [BCG08] Beautement A, Coles R, Griffin J, Ioannidis C, Monahan B, Pym D, Sasse MA, Wonham M (2008) Modelling the human and technological costs and benefits of USB memory stick security. In: Johnson ME (ed) Managing information risk and the economics of security. Springer, Heidelberg
  6. [BGS08] Beres Y, Griffin J, Shiu S, Heitman M, Markle D, Ventura P (2008) Analysing the performance of security solutions to reduce vulnerability exposure window. In: Proceedings of the 2008 annual computer security applications conference (ACSAC). IEEE
  7. [Bir79] Birtwistle G (1979) Demos—discrete event modelling on Simula. Macmillan, New York
  8. [BN07] Becker MY, Nanz S (2007) A logic for state-modifying authorization policies. In: 12th European symposium on research in computer security (ESORICS), Lecture Notes in Computer Science, vol 4734
  9. [CFS96] Coyne EJ, Feinstein HL, Sandhu R, Youman CE (1996) Role-based access control models. IEEE Comput 29(2): 38–47
  10. [CMP08a] Collinson M, Monahan B, Pym D (2008a) Located Demos2k—towards a tool for modelling processes and distributed resources. Technical Report HPL-2008-76, HP Labs. http://library.hp.com/techpubs/2008/HPL-2008-76.html
  11. [CMP08b] Collinson M, Monahan B, Pym D (2008b) A logical and computational theory of located resource. Technical Report HPL-2008-74R1, HP Labs (submitted). http://library.hp.com/techpubs/2008/HPL-2008-74R1.html
  12. [CMP08c] Collinson M, Monahan B, Pym D (2008c) An update to located Demos2k. Technical Report HPL-2008-205, HP Labs. http://library.hp.com/techpubs/2008/HPL-2008-205.html
  13. [CP09] Collinson M, Pym D (2009) Algebra and logic for resource-based systems modelling. Technical Report HPL-2009-21, HP Labs (submitted). http://library.hp.com/techpubs/2009/HPL-2009-10.html
  14. [CPT07] Collinson M, Pym D, Tofts C (2007) Errata for Formal Aspects of Computing (2006) 18:495–517 and their consequences. Formal Aspects Comput 19(4): 551–554
  15. [Dem]
  16. [DeT02] DeTreville J (2002) Binder, a logic-based security language. In: Proceedings of the 2002 IEEE symposium on security and privacy, pp 105–113
  17. [GRS04] Guelev DP, Ryan MD, Schobbens P-Y (2004) Model-checking access control policies. In: Seventh information security conference (ISC’04), Lecture Notes in Computer Science, vol 3225. Springer, Heidelberg
  18. [HM85] Hennessy M, Milner R (1985) Algebraic laws for nondeterminism and concurrency. J ACM 32(1): 137–161
  19. [Hoa85] Hoare CAR (1985) Communicating sequential processes. Prentice-Hall, Englewood Cliffs
  20. [IO01] Ishtiaq S, O’Hearn PW (2001) BI as an assertion language for mutable data structures. In: Proceedings of POPL 2001. ACM, London, pp 14–26
  21. [KYM06] Kamoda H, Yamaoka M, Matsuda S, Broda K, Sloman M (2006) Access control policy analysis using free variable tableaux. Information Processing Society of Japan (IPSJ) Digital Courier, vol 2
  22. [LAB92] Lampson B, Abadi M, Burrows M, Wobber E (1992) Authentication in distributed systems: theory and practice. ACM Trans Comput Syst 4(10): 265–310
  23. [Lam71] Lampson BW (1971) Protection. In: Proceedings of the fifth Princeton symposium on information sciences and systems, pp 437–443
  24. [LW08] Li N, Wang Q (2008) Beyond separation of duty: an algebra for specifying high-level security policies. J ACM 55(3)
  25. [Mil80] Milner R (1980) A calculus of communicating systems, Lecture Notes in Computer Science, vol 92. Springer, Heidelberg
  26. [Mil83] Milner R (1983) Calculi for synchrony and asynchrony. Theor Comput Sci 25: 267–310
  27. [Mil89] Milner R (1989) Communication and concurrency. Prentice-Hall, Englewood Cliffs
  28. [OHe07] O’Hearn PW (2007) Resources, concurrency and local reasoning. Theor Comput Sci 375(1–3): 271–307
  29. [OP99] O’Hearn P, Pym D (1999) The logic of bunched implications. Bull Symb Logic 5(2): 215–244
  30. [Plo04] Plotkin GD (2004) Structural operational semantics. J Logic Algebraic Program 60: 17–139 (original manuscript 1981)
  31. [POY04] Pym D, O’Hearn P, Yang H (2004) Possible worlds and resources: the semantics of BI. Theor Comput Sci 315(1): 257–305
  32. [PT06] Pym D, Tofts C (2006) A calculus and logic of resources and processes. Formal Aspects Comput 18(4): 495–517. Errata in [CPT07]
  33. [PT07] Pym D, Tofts C (2007) Systems modelling via resources and processes: philosophy, calculus, semantics, and logic. In: Cardelli L, Fiore M, Winskel G (eds) Computation, meaning and logic: articles dedicated to Gordon Plotkin, Electronic Notes in Theoretical Computer Science, vol 107. Elsevier, Amsterdam, pp 545–587. Errata in [CPT07]
  34. [Pym99] Pym D (1999) On bunched predicate logic. In: Proceedings of LICS’99. IEEE, New York, pp 183–192
  35. [Pym02] Pym DJ (2002) The semantics and proof theory of the logic of bunched implications, Applied Logic Series, vol 26. Kluwer, Dordrecht. Errata at: http://www.cs.bath.ac.uk/~pym/BI-monograph-errata.pdf
  36. [Rey02] Reynolds JC (2002) Separation logic: a logic for shared mutable data structures. In: Proceedings of LICS’02. IEEE, New York, pp 55–74
  37. [RSG01] Ryan P, Schneider S, Goldsmith M, Lowe G, Roscoe B (2001) The modelling and analysis of security protocols. Addison-Wesley, Reading
  38. [Sch96] Schneider S (1996) Security properties and CSP. In: IEEE symposium on security and privacy, pp 174–187
  39. [SMR06] Scedrov A, Mitchell JC, Ramanathan A, Teague V (2006) A probabilistic polynomial-time process calculus for the analysis of cryptographic protocols. Theor Comput Sci 353: 118–164
  40. [SS75] Saltzer JH, Schroeder MD (1975) The protection of information in computer systems. Proc IEEE 63(9): 1278–1308
  41. [Sti01] Stirling C (2001) Modal and temporal properties of processes. Springer, Heidelberg

Copyright information

© British Computer Society 2009

Authors and Affiliations

  1. Hewlett-Packard Laboratories, Stoke Gifford, Bristol, UK
