A simple and expressive semantic framework for policy composition in access control

DOI: 10.1145/1314436.1314439

Published: 02 November 2007

Abstract

In defining large, complex access control policies, one would like to compose sub-policies, perhaps authored by different organizations, into a single global policy. Existing policy composition approaches tend to be ad-hoc, and do not explain whether too many or too few policy combinators have been defined. We define an access control policy as a four-valued predicate that maps accesses to either grant, deny, conflict, or unspecified. These correspond to the four elements of the Belnap bilattice. Functions on this bilattice are then extended to policies to serve as policy combinators. We argue that this approach provides a simple and natural semantic framework for policy composition, with a minimal but functionally complete set of policy combinators. We define derived, higher-level operators that are convenient for the specification of access control policies, and enable the decoupling of conflict resolution from policy composition. Finally, we propose a basic query language and show that it can reduce important analyses (e.g., conflict analysis) to checks of policy refinement.
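The following sketch is an added example, not code from the paper: it encodes the four Belnap values as (grant, deny) evidence pairs, lifts the standard bilattice operations pointwise to policies, and applies conflict resolution as a separate step after composition. The sub-policies `hr` and `sec`, the access tuples, the `deny_overrides` resolution function and the enumeration-based `conflicts` check are constructed for illustration; the paper's own derived operators, query language and refinement relation are not reproduced here.

```python
from itertools import product

# Belnap values encoded as (grant_evidence, deny_evidence) bit pairs.
UNSPECIFIED, GRANT, DENY, CONFLICT = (0, 0), (1, 0), (0, 1), (1, 1)

def k_join(a, b):   # knowledge order: pool the evidence of both sides
    return (a[0] | b[0], a[1] | b[1])

def k_meet(a, b):   # knowledge order: keep only what both sides agree on
    return (a[0] & b[0], a[1] & b[1])

def t_meet(a, b):   # truth order: grant needs both, deny needs either
    return (a[0] & b[0], a[1] | b[1])

def t_join(a, b):   # truth order: grant needs either, deny needs both
    return (a[0] | b[0], a[1] & b[1])

def neg(a):         # swap grant and deny; conflict/unspecified are fixed
    return (a[1], a[0])

def lift(op):
    """Extend a function on values pointwise to a combinator on policies."""
    return lambda *ps: (lambda access: op(*(p(access) for p in ps)))

def deny_overrides(v):  # conflict resolution as a separate unary step
    return DENY if v == CONFLICT else v

# Constructed sub-policies over accesses (role, employment, action).
def hr(access):
    role, _, action = access
    if role == "manager" and action == "read":
        return GRANT
    if role != "manager" and action == "write":
        return DENY
    return UNSPECIFIED

def sec(access):
    _, employment, action = access
    if employment == "contractor":
        return DENY
    return GRANT if action == "read" else UNSPECIFIED

ACCESSES = list(product(["manager", "clerk"], ["staff", "contractor"], ["read", "write"]))
composed = lift(k_join)(hr, sec)           # composition keeps disagreements visible
resolved = lift(deny_overrides)(composed)  # resolution applied afterwards

def conflicts(policy, accesses=ACCESSES):
    return [a for a in accesses if policy(a) == CONFLICT]

if __name__ == "__main__":
    print(conflicts(composed), conflicts(resolved))
```

Because composition and resolution are separate functions, the conflicting access stays visible for review in `composed` even though `resolved` is what an enforcement point would evaluate.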


Published In

FMSE '07: Proceedings of the 2007 ACM workshop on Formal methods in security engineering
November 2007
88 pages
ISBN:9781595938879
DOI:10.1145/1314436
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. access-control policy languages
  2. bilattices
  3. multi-valued logic

Conference

CCS07