Monotonicity and Completeness in Attribute-Based Access Control

  • Jason Crampton
  • Charles Morisset
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8743)


There have been many proposals for access control models and authorization policy languages, which are used to inform the design of access control systems. Most, if not all, of these proposals impose restrictions on the implementation of access control systems, thereby limiting the type of authorization requests that can be processed or the structure of the authorization policies that can be specified. In this paper, we develop a formal characterization of the features of an access control model that imposes few restrictions of this nature. Our characterization is intended to be a generic framework for access control, from which we may derive access control models and reason about the properties of those models. In this paper, we consider the properties of monotonicity and completeness, the first being particularly important for attribute-based access control systems. XACML, an XML-based language and architecture for attribute-based access control, is neither monotonic nor complete. Using our framework, we define attribute-based access control models, in the style of XACML, that are, respectively, monotonic and complete.


Access Control Policy Language Access Control Policy Access Control Model Policy Decision Point 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bishop, M.: Computer Security: Art and Science. Addison-Wesley (2002)Google Scholar
  2. 2.
    Crampton, J., Morisset, C.: PTaCL: A language for attribute-based access control in open systems. In: Degano, P., Guttman, J.D. (eds.) Principles of Security and Trust. LNCS, vol. 7215, pp. 390–409. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  3. 3.
    Griesmayer, A., Morisset, C.: Automated certification of authorisation policy resistance. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 574–591. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  4. 4.
    Ferraiolo, D., Atluri, V.: A meta model for access control: why is it needed and is it even possible to achieve? In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, pp. 153–154. ACM (2008)Google Scholar
  5. 5.
    eXtensible Access Control Markup Language (XACML) Version 3.0, OASIS, committee Specification 01 (2010)Google Scholar
  6. 6.
    Ferraiolo, D.F., Kuhn, D.R.: Role-based access control. In: Proceedings of the 15th National Computer Security Conference, pp. 554–563 (1992)Google Scholar
  7. 7.
    Barker, S.: The next 700 access control models or a unifying meta-model? In: Carminati, B., Joshi, J. (eds.) SACMAT, pp. 187–196. ACM (2009)Google Scholar
  8. 8.
    Crampton, J., Morisset, C.: Towards a generic formal framework for access control systems. CoRR, vol. abs/1204.2342 (2012)Google Scholar
  9. 9.
    Harrison, M., Ruzzo, W., Ullman, J.: Protection in operating systems. Communications of the ACM 19(8), 461–471 (1976)CrossRefMATHMathSciNetGoogle Scholar
  10. 10.
    Rao, P., Lin, D., Bertino, E., Li, N., Lobo, J.: An algebra for fine-grained integration of XACML policies. In: Carminati, B., Joshi, J. (eds.) SACMAT, pp. 63–72. ACM (2009)Google Scholar
  11. 11.
    Bruns, G., Huth, M.: Access control via Belnap logic: Intuitive, expressive, and analyzable policy composition. ACM Transactions on Information and System Security 14(1), 9 (2011)CrossRefGoogle Scholar
  12. 12.
    Tschantz, M.C., Krishnamurthi, S.: Towards reasonability properties for access-control policy languages. In: Ferraiolo, D.F., Ray, I. (eds.) SACMAT, pp. 160–169. ACM (2006)Google Scholar
  13. 13.
    Blamey, S.: Partial Logic. In: Handbook of Philosophical Logic, vol. 5, pp. 261–353. Kluwer Academic Publishers (2002)Google Scholar
  14. 14.
    Crampton, J., Huth, M.: An authorization framework resilient to policy evaluation failures. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 472–487. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  15. 15.
    Woo, T.Y.C., Lam, S.S.: Authorizations in distributed systems: A new approach. Journal of Computer Security 2(2-3), 107–136 (1993)Google Scholar
  16. 16.
    Bertino, E., Catania, B., Ferrari, E., Perlasca, P.: A logical framework for reasoning about access control models. ACM Transactions on Information and System Security 6(1), 71–127 (2003)CrossRefGoogle Scholar
  17. 17.
    Bonatti, P., De Capitani Di Vimercati, S., Samarati, P.: An algebra for composing access control policies. ACM Transactions on Information and System Security 5(1), 1–35 (2002)CrossRefGoogle Scholar
  18. 18.
    Crampton, J., Huth, M.: A framework for the modular specification and orchestration of authorization policies. In: Aura, T., Järvinen, K., Nyberg, K. (eds.) NordSec 2010. LNCS, vol. 7127, pp. 155–170. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  19. 19.
    Damianou, N., Dulay, N., Lupu, E.C., Sloman, M.: The Ponder policy specification language. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol. 1995, pp. 18–38. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  20. 20.
    Jajodia, S., Samarati, P., Sapino, M.L., Subrahmanian, V.S.: Flexible support for multiple access control policies. ACM Transactions on Database Systems 26(2), 214–260 (2001)CrossRefMATHGoogle Scholar
  21. 21.
    Li, N., Wang, Q., Qardaji, W.H., Bertino, E., Rao, P., Lobo, J., Lin, D.: Access control policy combining: theory meets practice. In: Carminati, B., Joshi, J. (eds.) SACMAT, pp. 135–144. ACM (2009)Google Scholar
  22. 22.
    Ni, Q., Bertino, E., Lobo, J.: D-algebra for composing access control policy decisions. In: Li, W., Susilo, W., Tupakula, U.K., Safavi-Naini, R., Varadharajan, V. (eds.) ASIACCS, pp. 298–309. ACM (2009)Google Scholar
  23. 23.
    eXtensible Access Control Markup Language (XACML) Version 2.0, OASIS, committee Specification (2005)Google Scholar
  24. 24.
    Wijesekera, D., Jajodia, S.: A propositional policy algebra for access control. ACM Transactions on Information and System Security 6(2), 235–286 (2003)CrossRefGoogle Scholar
  25. 25.
    Habib, L., Jaume, M., Morisset, C.: A formal comparison of the Bell & LaPadula and RBAC models. In: Rak, M., Abraham, A., Casola, V. (eds.) IAS, pp. 3–8. IEEE Computer Society (2008)Google Scholar
  26. 26.
    Osborn, S., Sandhu, R., Munawer, Q.: Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and System Security 3(2), 85–106 (2000)CrossRefGoogle Scholar
  27. 27.
    Tripunitara, M.V., Li, N.: A theory for comparing the expressive power of access control models. Journal of Computer Security 15(2), 231–272 (2007)Google Scholar
  28. 28.
    Schneider, F.B.: Enforceable security policies. ACM Trans. Inf. Syst. Secur. 3(1), 30–50 (2000)CrossRefGoogle Scholar
  29. 29.
    Carminati, B., Joshi, J. (eds.): Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, SACMAT 2009, Stresa, Italy, June 3-5. ACM (2009)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Jason Crampton
    • 1
  • Charles Morisset
    • 2
  1. 1.Royal HollowayUniversity of LondonUK
  2. 2.Newcastle UniversityUK

Personalised recommendations