Abstract
Authorization plays an important role to control access to the system resources. It enforces security mechanism in compliance with the polices and rules specified by the security strategies. However, the security rules may not be always complete. In certain situations, we need to evaluate and reason about an incomplete security domain. In this paper, we propose an approach to reason under incomplete security domain by extended logic programs, discuss properties of unknown and conflict queries, and solve these problems by defining a procedure of evaluating the logic programs.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Apt, K.R., Bol, R.N.: Logic programming and negation: A survey. Journal of Logic Programming 19(20), 9–71 (1994)
Bai, Y.: On XML Document Security. In: International Conference on Software Engineering and Data Engineering, pp. 39–42 (2007)
Bertino, E., Buccafurri, F., Ferrari, E., Rullo, P.: A Logic-based Approach for Enforcing Access Control. Computer Security 8(2-2), 109–140 (2000)
Bertino, E., Catania, B., Ferrari, E., Perlasca, P.: A Logical Framework for Reasoning about Access Control Models. ACM Transactions on Information and System Security 6(1), 71–127 (2003)
Bettini, C., Jajodia, S., Wang, X.S., Wijesekera, D.: Provisions and Obligations in Policy Management and Security Applications. In: Proceedings of the Very Large Database Conference, pp. 502–513 (2002)
Chomicki, J., Lobo, J., Naqvi, S.: A Logical Programming Approach to Conflict Resolution in Policy Management. In: Proceedings of International Conference on Principles of Knowledge Representation and Reasoning, pp. 121–132 (2000)
Crescini, V., Zhang, Y.: A logic Based Approach for Dynamic Access Control. In: Proceedings of 17th Australian Joint Conference on Artificial Intelligence (AI 2004), pp. 623–635 (2004)
Damiani, E., Vimercati, S., Paraboschi, S., Samarati, P.: A Fine Grained Access Control System for XML Documents. ACM Transactions on Information and System Security, 160–202 (2002)
Gelfond, M., Lifschitz, V.: The stable model semantics for logic programming. In: Proceedings of the Fifth Joint International Conference and Symposium, pp. 1070–1080. MIT Press, Cambridge (1988)
Gelfond, M., Lifschitz, V.: Classical negation in logic programs and disjunctive databases. New Generation Computing 9, 365–386 (1991)
Jajodia, S., Samarati, P., Sapino, M.L., Subrahmanian, V.S.: Flexible Support for Multiple Access Control Policies. ACM Transactions on Database Systems 29(2), 214–260 (2001)
Li, N., Grosof, B., Feigenbaum, J.: Delegation Logic: A Logic-based Approach to Distributed Authorization. ACM Transactions on Information and System Security 6(1), 128–171 (2003)
Woo, T.Y.C., Lam, S.S.: Authorization in Distributed systems: A Formal Approach. In: Proceedings of IEEE Symposium on Research in Security and Privacy, pp. 33–50 (1992)
Zhang, Y., Bai, Y.: The Characterization on the Uniqueness of the solution ¬holds(S 1, R, O) can be derived. Answer Set for Prioritized Logic Programs. In: Proceedings of the International Symposium on methodologies on Intelligent Systems, pp. 349–356 (2003)
Zhang, Y., Wu, C.M., Bai, Y.: Implementing Prioritized Logic Programming. AI Communications 14(4), 183–196 (2001)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bai, Y. (2008). Reasoning for Incomplete Authorizations. In: Lovrek, I., Howlett, R.J., Jain, L.C. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2008. Lecture Notes in Computer Science(), vol 5177. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85563-7_39
Download citation
DOI: https://doi.org/10.1007/978-3-540-85563-7_39
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85562-0
Online ISBN: 978-3-540-85563-7
eBook Packages: Computer ScienceComputer Science (R0)