A modal logic for information system security

Yun Bai; Kahled M. Khan

A modal logic for information system security

Yun Bai, Kahled M. Khan

Research output: Chapter in Book / Conference Paper › Conference Paper › peer-review

Abstract

As a security mechanism, authorization or access control ensures that all accesses to the system resources occur exclusively according to the access polices and rules specified by the systemsecurity agent. Authorization specification has been extensively studied and a variety of approaches have been investigated. In this paper, we propose a knowledge oriented formal language to specify the system security policies and their reasoning in response to system resource access request. The semantics of our language is provided by translating our language into epistemic logic program in which knowledge related modal operators are employed to represent agents' knowledge in reasoning. We demonstrate how our authorization language handles the situation where the security agent's knowledge on access decision is incomplete.

Original language	English
Title of host publication	Information Security 2011: Proceedings of the 9th Australasian Information Security Conference (AISC 2011): Perth, Australia, 17-20 January 2011
Publisher	Australian Computer Society
Pages	51-56
Number of pages	6
ISBN (Print)	9781920682965
Publication status	Published - 2011
Event	Australasian Information Security Conference - Duration: 17 Jan 2011 → …

Publication series

Name
ISSN (Print)	1445-1336

Conference

Conference	Australasian Information Security Conference
Period	17/01/11 → …

Cite this

@inproceedings{a5b7b58baf164828a33a852db17046af,

title = "A modal logic for information system security",

abstract = "As a security mechanism, authorization or access control ensures that all accesses to the system resources occur exclusively according to the access polices and rules specified by the systemsecurity agent. Authorization specification has been extensively studied and a variety of approaches have been investigated. In this paper, we propose a knowledge oriented formal language to specify the system security policies and their reasoning in response to system resource access request. The semantics of our language is provided by translating our language into epistemic logic program in which knowledge related modal operators are employed to represent agents' knowledge in reasoning. We demonstrate how our authorization language handles the situation where the security agent's knowledge on access decision is incomplete.",

author = "Yun Bai and Khan, {Kahled M.}",

year = "2011",

language = "English",

isbn = "9781920682965",

publisher = "Australian Computer Society",

pages = "51--56",

booktitle = "Information Security 2011: Proceedings of the 9th Australasian Information Security Conference (AISC 2011): Perth, Australia, 17-20 January 2011",

note = "Australasian Information Security Conference ; Conference date: 17-01-2011",

}

TY - GEN

T1 - A modal logic for information system security

AU - Bai, Yun

AU - Khan, Kahled M.

PY - 2011

Y1 - 2011

N2 - As a security mechanism, authorization or access control ensures that all accesses to the system resources occur exclusively according to the access polices and rules specified by the systemsecurity agent. Authorization specification has been extensively studied and a variety of approaches have been investigated. In this paper, we propose a knowledge oriented formal language to specify the system security policies and their reasoning in response to system resource access request. The semantics of our language is provided by translating our language into epistemic logic program in which knowledge related modal operators are employed to represent agents' knowledge in reasoning. We demonstrate how our authorization language handles the situation where the security agent's knowledge on access decision is incomplete.

AB - As a security mechanism, authorization or access control ensures that all accesses to the system resources occur exclusively according to the access polices and rules specified by the systemsecurity agent. Authorization specification has been extensively studied and a variety of approaches have been investigated. In this paper, we propose a knowledge oriented formal language to specify the system security policies and their reasoning in response to system resource access request. The semantics of our language is provided by translating our language into epistemic logic program in which knowledge related modal operators are employed to represent agents' knowledge in reasoning. We demonstrate how our authorization language handles the situation where the security agent's knowledge on access decision is incomplete.

UR - http://handle.uws.edu.au:8081/1959.7/544652

M3 - Conference Paper

SN - 9781920682965

SP - 51

EP - 56

BT - Information Security 2011: Proceedings of the 9th Australasian Information Security Conference (AISC 2011): Perth, Australia, 17-20 January 2011

PB - Australian Computer Society

T2 - Australasian Information Security Conference

Y2 - 17 January 2011

ER -

A modal logic for information system security

Abstract

Publication series

Conference

Other files and links

Fingerprint

Cite this