Abstract
Reasoning about authorization policies has been a prominent issue in information security research. In a complex information sharing and exchange environment, a user’s request may initiate a sequence of executions of authorization commands in order to decide whether such request should be granted or denied. Becker and Nanz’s logic of State-Modifying Policies (SMP) is a formal system addressing such problem in access control. In this paper, we provide a declarative semantics for SMP through a translation from SMP to Answer Set Programming (ASP). We show that our translation is sound and complete for bounded SMP reasoning. With this translation, we are able not only to directly compute users’ authorization query answers, but also to specifically extract information of how users’ authorization states change in relation to the underlying query answering. In this way, we eventually avoid SMP’s tedious proof system and significantly simply the SMP reasoning process. Furthermore, we argue that the proposed ASP translation of SMP also provides a flexibility to enhance SMP’s capacity for accommodating more complex authorization reasoning problems that the current SMP lacks.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Baral, C.: Knowledge Representation, Reasoning and Declarative Problem Solving. MIT (2003)
Abiteboul, S., Hull, R., Vianu, V.: Foundations of Databases. Addison-Wesley Publishing (1995)
Becker, M.-Y., Nanz, S.: A logic for state-modifying authorization policies. ACM Transactions on Information System Security 13 (2010)
Calimer, F., Ianni, G., Ricca, F.: The third answer set programming system computation. Theory and Practice of Logic Programming (2012)
Dhia, I.B.: Access control in social networks: a reachability-based approach. In: Proceedings of the 2012 Joint EDBT/ICDT Workshops (EDBT-ICDT 2012), pp. 227–232 (2012)
Dimoulas, C., Moore, S., Askarov, A., Chong, S.: Declarative policies for capability control. In: Proceedings of CSF-2014 (2014)
Gebser, M., Kaminski, R., Kaufmann, B., Schaub, T., Schneider, M.T., Ziller, S.: A portfolio solver for answer set programming: preliminary report. In: Delgrande, J.P., Faber, W. (eds.) LPNMR 2011. LNCS, vol. 6645, pp. 352–357. Springer, Heidelberg (2011)
Gebser, M., Kaufmann, B., Neumann, A., Schaub, T.: Conflict-driven answer set solving: From theory to practice. Artificial Intelligence 187–188, 52–89 (2012)
Grasso, G., Leone, N., Ricca, F.: Answer set programming: language, applications and development tools. In: Faber, W., Lembo, D. (eds.) RR 2013. LNCS, vol. 7994, pp. 19–34. Springer, Heidelberg (2013)
Hinrichs, T., Martinoia, D., Garrison, W.C., Lee, A., Panebianco, A., Zuck, L.: Application-sensitive access control evaluation using parameterized expressiveness. In: Proceedings of CSF-2013, pp. 145–160 (2013)
Lierler, Y., Lifschitz, V.: One more decidable class of finitely ground programs. In: Hill, P.M., Warren, D.S. (eds.) ICLP 2009. LNCS, vol. 5649, pp. 489–493. Springer, Heidelberg (2009)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Bai, Y., Caprin, E., Zhang, Y. (2015). Reasoning About the State Change of Authorization Policies. In: Ali, M., Kwon, Y., Lee, CH., Kim, J., Kim, Y. (eds) Current Approaches in Applied Artificial Intelligence. IEA/AIE 2015. Lecture Notes in Computer Science(), vol 9101. Springer, Cham. https://doi.org/10.1007/978-3-319-19066-2_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-19066-2_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19065-5
Online ISBN: 978-3-319-19066-2
eBook Packages: Computer ScienceComputer Science (R0)