
Logic-Based Reasoning on Delegatable Authorizations

  • Conference paper
Foundations of Intelligent Systems (ISMIS 2002)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 2366)

Abstract

In this paper, we propose a logic-program-based formulation that supports delegatable authorizations, where negation as failure, classical negation and rule inheritance are allowed. Our approach includes a conflict resolution policy that can be used to support controlled delegation and exceptions. In our framework, authorization rules are specified in a Delegatable Authorization Program (DAP), which is an extended logic program associated with different types of partial orderings on the domain; these orderings specify various inheritance relationships among subjects, objects and access rights in the domain. The semantics of a DAP is defined based on the well-known stable model, and conflict resolution is achieved in the process of model generation for the underlying DAP. Our framework provides users with a feasible way to express complex security policies.



Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ruan, C., Varadharajan, V., Zhang, Y. (2002). Logic-Based Reasoning on Delegatable Authorizations. In: Hacid, MS., Raś, Z.W., Zighed, D.A., Kodratoff, Y. (eds) Foundations of Intelligent Systems. ISMIS 2002. Lecture Notes in Computer Science, vol 2366. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48050-1_22

  • DOI: https://doi.org/10.1007/3-540-48050-1_22

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-43785-7

  • Online ISBN: 978-3-540-48050-1

  • eBook Packages: Springer Book Archive
