Skip to main content
SpringerLink
Log in

Reasoning for Incomplete Authorizations

  • Conference paper
Knowledge-Based Intelligent Information and Engineering Systems (KES 2008)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 5177))

  • 1914 Accesses

Abstract

Authorization plays an important role to control access to the system resources. It enforces security mechanism in compliance with the polices and rules specified by the security strategies. However, the security rules may not be always complete. In certain situations, we need to evaluate and reason about an incomplete security domain. In this paper, we propose an approach to reason under incomplete security domain by extended logic programs, discuss properties of unknown and conflict queries, and solve these problems by defining a procedure of evaluating the logic programs.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Apt, K.R., Bol, R.N.: Logic programming and negation: A survey. Journal of Logic Programming 19(20), 9–71 (1994)

    Article  MathSciNet  Google Scholar 

  2. Bai, Y.: On XML Document Security. In: International Conference on Software Engineering and Data Engineering, pp. 39–42 (2007)

    Google Scholar 

  3. Bertino, E., Buccafurri, F., Ferrari, E., Rullo, P.: A Logic-based Approach for Enforcing Access Control. Computer Security 8(2-2), 109–140 (2000)

    Google Scholar 

  4. Bertino, E., Catania, B., Ferrari, E., Perlasca, P.: A Logical Framework for Reasoning about Access Control Models. ACM Transactions on Information and System Security 6(1), 71–127 (2003)

    Article  Google Scholar 

  5. Bettini, C., Jajodia, S., Wang, X.S., Wijesekera, D.: Provisions and Obligations in Policy Management and Security Applications. In: Proceedings of the Very Large Database Conference, pp. 502–513 (2002)

    Google Scholar 

  6. Chomicki, J., Lobo, J., Naqvi, S.: A Logical Programming Approach to Conflict Resolution in Policy Management. In: Proceedings of International Conference on Principles of Knowledge Representation and Reasoning, pp. 121–132 (2000)

    Google Scholar 

  7. Crescini, V., Zhang, Y.: A logic Based Approach for Dynamic Access Control. In: Proceedings of 17th Australian Joint Conference on Artificial Intelligence (AI 2004), pp. 623–635 (2004)

    Google Scholar 

  8. Damiani, E., Vimercati, S., Paraboschi, S., Samarati, P.: A Fine Grained Access Control System for XML Documents. ACM Transactions on Information and System Security, 160–202 (2002)

    Google Scholar 

  9. Gelfond, M., Lifschitz, V.: The stable model semantics for logic programming. In: Proceedings of the Fifth Joint International Conference and Symposium, pp. 1070–1080. MIT Press, Cambridge (1988)

    Google Scholar 

  10. Gelfond, M., Lifschitz, V.: Classical negation in logic programs and disjunctive databases. New Generation Computing 9, 365–386 (1991)

    Article  Google Scholar 

  11. Jajodia, S., Samarati, P., Sapino, M.L., Subrahmanian, V.S.: Flexible Support for Multiple Access Control Policies. ACM Transactions on Database Systems 29(2), 214–260 (2001)

    Article  Google Scholar 

  12. Li, N., Grosof, B., Feigenbaum, J.: Delegation Logic: A Logic-based Approach to Distributed Authorization. ACM Transactions on Information and System Security 6(1), 128–171 (2003)

    Article  Google Scholar 

  13. Woo, T.Y.C., Lam, S.S.: Authorization in Distributed systems: A Formal Approach. In: Proceedings of IEEE Symposium on Research in Security and Privacy, pp. 33–50 (1992)

    Google Scholar 

  14. Zhang, Y., Bai, Y.: The Characterization on the Uniqueness of the solution ¬holds(S 1, R, O) can be derived. Answer Set for Prioritized Logic Programs. In: Proceedings of the International Symposium on methodologies on Intelligent Systems, pp. 349–356 (2003)

    Google Scholar 

  15. Zhang, Y., Wu, C.M., Bai, Y.: Implementing Prioritized Logic Programming. AI Communications 14(4), 183–196 (2001)

    MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computing and Mathematics, University of Western Sydney, Locked Bag 1797, Penrith South DC, NSW 1797, Australia

    Yun Bai

Authors
  1. Yun Bai
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Ignac Lovrek Robert J. Howlett Lakhmi C. Jain

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bai, Y. (2008). Reasoning for Incomplete Authorizations. In: Lovrek, I., Howlett, R.J., Jain, L.C. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2008. Lecture Notes in Computer Science(), vol 5177. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85563-7_39

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-85563-7_39

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-85562-0

  • Online ISBN: 978-3-540-85563-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation