Relaxed Safeness in Datalog-Based Policies

  • Moritz Y. Becker
  • Jason Mackay
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7018)

Abstract

This paper presents a safeness condition that is more liberal than the one commonly imposed on Datalog, based on classifying predicate arguments into input and output arguments, thereby extending the expressiveness of Datalog-based policy languages. It is also shown that the relaxed safeness condition is a powerful tool for adding important features to such languages.

Keywords

Policy Language Logic Programming Trust Management Predicate Symbol Ground Instance 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Becker, M.: Information governance in nhs’s npfit: A case for policy specification. International Journal of Medical Informatics 76(5-6), 432–437 (2007)CrossRefGoogle Scholar
  2. 2.
    Becker, M.Y., Fournet, C., Gordon, A.D.: SecPAL: Design and semantics of a decentralized authorization language. Journal of Computer Security 18(4), 619–665 (2010)CrossRefGoogle Scholar
  3. 3.
    Becker, M.Y., Sewell, P.: Cassandra: Flexible trust management, applied to electronic health records. In: IEEE Computer Security Foundations, pp. 139–154 (2004)Google Scholar
  4. 4.
    Bell, D.E., Lapadula, L.J.: Secure computer systems: Unified exposition and Multics interpretation. Technical report, The MITRE Corporation (July 1975)Google Scholar
  5. 5.
    Boley, H., Tabet, S., Wagner, G.: Design rationale of RuleML: A markup language for semantic web rules. In: International Semantic Web Working Symposium (SWWS), pp. 381–402 (2001)Google Scholar
  6. 6.
    Ceri, S., Gottlob, G., Tanca, L.: What you always wanted to know about Datalog (and never dared to ask). IEEE Transactions on Knowledge and Data Engineering 1(1), 146–166 (1989)CrossRefGoogle Scholar
  7. 7.
    Dantsin, E., Eiter, T., Gottlob, G., Voronkov, A.: Complexity and expressive power of logic programming. In: CCC 1997: Proceedings of the 12th Annual IEEE Conference on Computational Complexity, p. 82. IEEE Computer Society, Washington, DC (1997)Google Scholar
  8. 8.
    De Bruijn, J., Lausen, H., Polleres, A., Fensel, D.: The web service modeling language WSML: An overview. In: Sure, Y., Domingue, J. (eds.) ESWC 2006. LNCS, vol. 4011, pp. 590–604. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  9. 9.
    Debray, S.K., Warren, D.S.: Automatic mode inference for logic programs. Journal of Logic Programming 5(3), 207–229 (1988)MathSciNetCrossRefMATHGoogle Scholar
  10. 10.
    Detreville, J.: Binder, a logic-based security language. In: IEEE Symposium on Security and Privacy, pp. 105–113 (2002)Google Scholar
  11. 11.
    Horrocks, I., Patel-Schneider, P., Boley, H., Tabet, S., Grosof, B., Dean, M.: SWRL: A semantic web rule language combining OWL and RuleML. W3C Member Submission (2010)Google Scholar
  12. 12.
    Jaffar, J., Maher, M.J.: Constraint logic programming: a survey. Journal of Logic Programming 19/20, 503–581 (1994)MathSciNetCrossRefMATHGoogle Scholar
  13. 13.
    Jim, T.: SD3: A trust management system with certified evaluation. In: Proceedings of the 2001 IEEE Symposium on Security and Privacy, pp. 106–115 (2001)Google Scholar
  14. 14.
    Li, N., Grosof, B., Feigenbaum, J.: A practically implementable and tractable delegation logic. In: IEEE Symposium on Security and Privacy, pp. 27–42 (2000)Google Scholar
  15. 15.
    Li, N., Mitchell, J.C.: Datalog with constraints: A foundation for trust management languages. In: Dahl, V. (ed.) PADL 2003. LNCS, vol. 2562, pp. 58–73. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  16. 16.
    Sandhu, R.: Rationale for the RBAC96 family of access control models. In: Proceedings of the 1st ACM Workshop on Role-Based Access Control (1997)Google Scholar
  17. 17.
    Sintek, M., Decker, S.: TRIPLE – a query, inference, and transformation language for the semantic web. In: Horrocks, I., Hendler, J. (eds.) ISWC 2002. LNCS, vol. 2342, pp. 364–378. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  18. 18.
    Smolka, G.: Making control and data flow in logic programs explicit. In: ACM Symposium on LISP and Functional Programming, pp. 311–322 (1984)Google Scholar
  19. 19.
    Stärk, R.F.: Input/output dependencies of normal logic programs. Journal of Logic and Computation 4(3), 249 (1994)MathSciNetCrossRefMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Moritz Y. Becker
    • 1
  • Jason Mackay
    • 1
  1. 1.Microsoft ResearchRedmondUSA

Personalised recommendations