Abstract
Trust management is a promising approach for the authorization in distributed environment. There are two key issues for a trust management system: how to design high-level policy language and how to solve the compliance-checking problem [3,4]. We adopt this approach to deal with distributed authorization with delegation. In this paper, we propose an authorization language Aâ„’, a human-understandable high level language to specify various authorization policies. We define the semantics of Aâ„’ through Answer Set Programming. Language Aâ„’ has rich expressive power which can not only specify delegation, threshold structures addressed in previous approaches, but also represent structured resources and privileges, positive and negative authorizations, separation of duty, incomplete information reasoning and partial authorization and delegation. We also demonstrate the application of language Aâ„’ through an authorization scenario.
| Original language | English |
|---|---|
| Pages (from-to) | 303-315 |
| Number of pages | 13 |
| Journal | Lecture Notes in Computer Science |
| Volume | 3574 |
| DOIs | |
| Publication status | Published - 2005 |
Keywords
- Access control
- Computer networks
- Computer security
- Knowledge representation (Information theory)
- Nonmonotonic reasoning
- Security measures
- Authorization
- Answer set programming
- Knowledge representation
- Trust management
- Delegation