Abstract
A policy is a statement that an action is permitted or forbidden if certain conditions hold. We introduce a language for reasoning about policies called Rosetta. What makes Rosetta different from existing approaches is that its syntax is essentially a fragment of English. The language also has formal semantics, and we can prove whether a permission follows from a set of Rosetta policies in polynomial time. These features make it fairly easy for policy language developers to provide translations between their languages and ours. As a result, policy writers and (human) readers can create and access policies via the interface of their choice; these policies can be translated to Rosetta; and once in Rosetta can be translated to an appropriate language for enforcement.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Altova. Xmlspy (2004), http://www.xmlspy.com/productside.html
Association for Computing Machinery. The ACM guide: Terms of usage (2004), http://portal.acm.org/info/usage.cfm
Bertino, E., Bettini, C., Ferrari, E., Samarati, P.: An access control model supporting periodicity constraints and temporal reasoning. ACM Transactions on Database Systems 23(3), 231–285 (1998)
DeTreville, J.: Binder, a logic-based security language. In: Proceedings 2002 IEEE Symposium on Security and Privacy, pp. 95–103 (2002)
Enderton, H.B.: A Mathematical Introduction to Logic. Academic Press, New York (1972)
Garcia-Molina, H., Ullman, J.D., Widom, J.: Database Systems: The Complete Book. Prentice Hall, New Jersey (2002)
Halpern, J., Weissman, V.: Using first-order logic to reason about policies. In: Proc. 16th IEEE Computer Security Foundations Workshop, pp. 187–201 (2003)
Halpern, J., Weissman, V.: A formal foundation for XrML. In: Proc. 17th IEEE Computer Security Foundations Workshop (2004)
Iannella, R.: ODRL: The open digital rights language initiative (2001), http://odrl.net/
Jim, T.: SD3: A trust management system with certified evaluation. In: Proceedings 2001 IEEE Symposium on Security and Privacy, pp. 106–115 (2001)
Li, N., Grosof, B.N., Feigenbaum, J.: Delegation Logic: A logic-based approach to distributed authorization. ACM Transaction on Information and System Security, TISSEC (2003) (to appear)
Li, N., Mitchell, J.C.: Datalog with constraints: A foundation for trust management languages. In: Proceedings of the Fifth International Symposium on Practical Aspects of Declarative Languages (January 2003) (to appear)
Li, N., Mitchell, J.C., Winsborough, W.H.: Design of a role-based trust-management framework. In: Proceedings 2002 IEEE Symposium on Security and Privacy, pp. 114–130 (2002)
MPEG. Information technology—Multimedia framework (MPEG-21) – Part 5: Rights expression language (ISO/IEC 21000-5:2004) (2004), http://www.iso.ch/iso/en/
Pucella, R., Weissman, V.: A formal foundation for ODRL rights. In: Workshop on Issues in the Theory of Security, WITS (2004)
Ltd SyncRo Soft. Oxygen (2004), http://www.oxygenxml.com/javawebstart
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Weissman, V., Lagoze, C. (2004). Towards a Policy Language for Humans and Computers. In: Heery, R., Lyon, L. (eds) Research and Advanced Technology for Digital Libraries. ECDL 2004. Lecture Notes in Computer Science, vol 3232. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30230-8_47
Download citation
DOI: https://doi.org/10.1007/978-3-540-30230-8_47
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23013-7
Online ISBN: 978-3-540-30230-8
eBook Packages: Springer Book Archive