Decentralized Composite Access Control

  • Petar Tsankov
  • Srdjan Marinovic
  • Mohammad Torabi Dashti
  • David Basin
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8414)


Formal foundations for access control policies with both authority delegation and policy composition operators are partial and limited. Correctness guarantees cannot therefore be formally stated and verified for decentralized composite access control systems, such as those based on XACML 3. To address this problem we develop a formal policy language BelLog that can express both delegation and composition operators. We illustrate, through examples, how BelLog can be used to specify practical policies. Moreover, we present an analysis framework for reasoning about BelLog policies and we give decidability and complexity results for policy entailment and policy containment in BelLog.


Keywords: Access Control; Composition Operator; Policy Language; Project Leader; Policy Context
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Petar Tsankov (1)
  • Srdjan Marinovic (1)
  • Mohammad Torabi Dashti (1)
  • David Basin (1)

  1. Institute of Information Security, ETH Zurich, Switzerland
