Logic-based reasoning on delegatable authorizations

Chun Ruan, Vijay Varadharajan, Yan Zhang, Mohand-Saïd Hacid

    Research output: Chapter in Book / Conference PaperConference Paper

    Abstract

    ![CDATA[In this paper, we propose a logic program based formulation that supports delegatable authorizations, where negation as failure, classical negation and rules inheritance are allowable. A conflict resolution policy has been developed in our approach that can be used to support the controlled delegation and exception. In our framework, authorization rules are specified in a Delegatable Authorization Program (DAP) which is an extended logic program associated with different types of partial orderings on the domain, and these orderings specify various inheritance relationships among subjects, objects and access rights in the domain. The semantics of a DAP is defined based on the well-known stable model and the conflict resolution is achieved in the process of model generation for the underlying DAP. Our framework provides users a feasible way to express complex security policies.]]
    Original languageEnglish
    Title of host publicationFoundations of Intelligent Systems: Proceedings of the 13th International Symposium, ISMIS 2002, Lyon, France, June 27-29, 2002
    PublisherSpringer-Verlag
    Number of pages9
    ISBN (Print)3540437851
    Publication statusPublished - 2002
    EventInternational Symposium on Methodologies for Intelligent Systems -
    Duration: 1 Jan 2002 → …

    Conference

    ConferenceInternational Symposium on Methodologies for Intelligent Systems
    Period1/01/02 → …

    Keywords

    • expert systems (computer science)
    • logic programming
    • Delegatable Authorization Program (DAP)
    • computer science

    Fingerprint

    Dive into the research topics of 'Logic-based reasoning on delegatable authorizations'. Together they form a unique fingerprint.

    Cite this