Abstract
This paper discusses the representation of a variety of role-based access control (RBAC) security models in which users and permissions may be assigned to roles for restricted periods of time. These security models are formulated as logic programs which specify the security information which protects data, and from which a user’s permission to perform operations on data items may be determined by theorem-proving. The representation and verification of integrity constraints on these logic programs is described, and practical issues are considered together with the technical results which apply to the approach.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abiteboul, S., Hull, R., and Vianu, V., Foundations of Databases, Addison-Wesley, 1995.
Apt, K., Blair, H., and Walker, A., Towards a theory of declarative knowledge, in J. Minker (Ed.), Foundations of Deductive Databases and Logic Programming, Morgan-Kaufmann, 1988.
Barker, S., Security policy specification in logic, International Conference on Artificial Intelligence, 2000.
Barker, S., Protecting deductive databases from unauthorized retrievals, To Appear.
Bertino, E., Bettini, C., Ferrari, E., and Samarati, P., A temporal access control mechanism for database systems, IEEE Trans. on KDE, 8(1), 1996.
Castano, S., Fugini, M., Martella, G., and Samarati, P., Database Security, Addison-Wesley, 1994.
Chen, W., Swift., T., and Warren, D., Efficient top-down computation of queries under the well-founded semantics, JLP, 24, 1995.
Clark, K., Negation as failure, in H. Gallaire and J. Minker(Eds), Logic and Databases, Plenum, 1978.
Decker, H., and Celma, M., A slick procedure for integrity checking in deductive databases, ICLP, 1994.
Eshghi, K., Abductive planning with the event calculus, ICLP, 1988.
Griffiths, P. P., and Wade, B.W., An authorization mechanism for relational database systems, A CM TODS, 1(3), 1976.
Jajodia, S., Samarati, P., Subrahmanian, V., and Bertino, E., A unified framework for enforcing multiple access control policies in Proc. ACM SIGMOD International Conference on Management of Data, 1997.
Kowalski, R., Database updates in the Event Calculus, JLP, 12, 1992.
Kuhn, D. R., Mutual exclusion of roles as a means of implementing separation of duty in role-based access control systems, Proc. 2nd ACM Workshop on Role-Based Access, 1997.
Kunen, K., Signed data dependencies in logic programs, JLP, 7, 1989.
LLoyd, J., Foundations of Logic Programming, Springer, 1987.
Sadri, F. and Kowalski, R., Variants of the event calculus, ICLP, 1995.
Sadri, F. and Kowalski, R., A theorem-proving approach to database integrity in Foundations of Deductive Databases and Logic Programming, J. Minker (Ed.), Morgan-Kaufmann, 1988.
Sandhu, R., Coyne, E., Feinstein, H., and Youman, C., Role-Based access control: a multi-dimensional view, Proc. 10th Annual Computer Security Applications Conf., 1994.
Sandhu, R., Coyne, E., Feinstein, H., and Youman, C., Role-Based access control models, IEEE Computer, 1996.
Sagonas, K., Swift, T., Warren, D., Freire, J., Rao. P., The XSB System, Version 2.0, Programmer’s Manual, 1999.
Shepherdson, J., Negation as failure, completion and stratification in D. Gabbay et al. (Eds), Handbook of Logic in AI and Logic Programming, Volume 5, Logic Programming, Oxford, 1997.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Barker, S. (2000). Data Protection by Logic Programming. In: Lloyd, J., et al. Computational Logic — CL 2000. CL 2000. Lecture Notes in Computer Science(), vol 1861. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-44957-4_87
Download citation
DOI: https://doi.org/10.1007/3-540-44957-4_87
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67797-0
Online ISBN: 978-3-540-44957-7
eBook Packages: Springer Book Archive