{"title":"用于组合访问控制策略的重写框架","authors":"Clara Bertolissi, M. Fernández","doi":"10.1145/1389449.1389476","DOIUrl":null,"url":null,"abstract":"In large, and often distributed, environments, where access control information may be shared across multiple sites, the combination of individual specifications in order to define a coherent access control policy is of fundamental importance. In order to ensure non-ambiguous behaviour, formal languages, often relying on firstorder logic, have been developed for the description of access control policies. We propose in this paper a formalisation of policy composition by means of term rewriting. We show how, in this setting, we are able to express a wide range of policy combinations and reason about them. Modularity properties of rewrite systems can be used to derive the correctness of the global policy, i.e. that every access request has an answer and this answer is unique","PeriodicalId":248980,"journal":{"name":"Proceedings of the 10th international ACM SIGPLAN conference on Principles and practice of declarative programming","volume":"200 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"31","resultStr":"{\"title\":\"A rewriting framework for the composition of access control policies\",\"authors\":\"Clara Bertolissi, M. Fernández\",\"doi\":\"10.1145/1389449.1389476\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In large, and often distributed, environments, where access control information may be shared across multiple sites, the combination of individual specifications in order to define a coherent access control policy is of fundamental importance. In order to ensure non-ambiguous behaviour, formal languages, often relying on firstorder logic, have been developed for the description of access control policies. We propose in this paper a formalisation of policy composition by means of term rewriting. We show how, in this setting, we are able to express a wide range of policy combinations and reason about them. Modularity properties of rewrite systems can be used to derive the correctness of the global policy, i.e. that every access request has an answer and this answer is unique\",\"PeriodicalId\":248980,\"journal\":{\"name\":\"Proceedings of the 10th international ACM SIGPLAN conference on Principles and practice of declarative programming\",\"volume\":\"200 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2008-07-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"31\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 10th international ACM SIGPLAN conference on Principles and practice of declarative programming\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1389449.1389476\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 10th international ACM SIGPLAN conference on Principles and practice of declarative programming","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1389449.1389476","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A rewriting framework for the composition of access control policies
In large, and often distributed, environments, where access control information may be shared across multiple sites, the combination of individual specifications in order to define a coherent access control policy is of fundamental importance. In order to ensure non-ambiguous behaviour, formal languages, often relying on firstorder logic, have been developed for the description of access control policies. We propose in this paper a formalisation of policy composition by means of term rewriting. We show how, in this setting, we are able to express a wide range of policy combinations and reason about them. Modularity properties of rewrite systems can be used to derive the correctness of the global policy, i.e. that every access request has an answer and this answer is unique
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
