On the sequence of authorization policy transformations

Yun Bai; Yan Zhang; Vijay Varadharajan

doi:10.1007/s10207-004-0069-1

On the sequence of authorization policy transformations

Research output: Contribution to journal › Article

Abstract

In [2, 3], we proposed a model-based approach to specify the transformation of authorizations based on the principle of minimal change [1] and its application in database systems. Nevertheless, there were some limitations in this approach. Firstly, we could not represent a sequence of transformations. Secondly, default authorizations could not be expressed. In this paper, we propose two high-level formal languages, L s and L sd, to specify a sequence of authorization transformations and default authorizations. Our work starts with L s, a simple, but expressive, language to specify certain sequence of authorization transformations. Furthermore, L sd has more powerful expressiveness than L s in the sense that constraints, causal and inherited authorizations, and general default authorizations can be specified.

Original language	English
Pages (from-to)	120-131
Number of pages	12
Journal	International Journal of Information Security
Volume	4
Issue number	1-2
DOIs	https://doi.org/10.1007/s10207-004-0069-1
Publication status	Published - Feb 2005

Keywords

Computer security
Data protection
Database security
Default reasoning
Formal language
Authorization policy
Policy transformations
Default logic

Access to Document

10.1007/s10207-004-0069-1

Cite this

@article{e6f4a1fd7f99454cb63c5acb4e35f3cb,

title = "On the sequence of authorization policy transformations",

abstract = "In [2, 3], we proposed a model-based approach to specify the transformation of authorizations based on the principle of minimal change [1] and its application in database systems. Nevertheless, there were some limitations in this approach. Firstly, we could not represent a sequence of transformations. Secondly, default authorizations could not be expressed. In this paper, we propose two high-level formal languages, L s and L sd, to specify a sequence of authorization transformations and default authorizations. Our work starts with L s, a simple, but expressive, language to specify certain sequence of authorization transformations. Furthermore, L sd has more powerful expressiveness than L s in the sense that constraints, causal and inherited authorizations, and general default authorizations can be specified.",

keywords = "Computer security, Data protection, Database security, Default reasoning, Formal language, Authorization policy, Policy transformations, Default logic",

author = "Yun Bai and Yan Zhang and Vijay Varadharajan",

year = "2005",

month = feb,

doi = "10.1007/s10207-004-0069-1",

language = "English",

volume = "4",

pages = "120--131",

journal = "International Journal of Information Security",

issn = "1615-5262",

publisher = "Springer",

number = "1-2",

}

TY - JOUR

T1 - On the sequence of authorization policy transformations

AU - Bai, Yun

AU - Zhang, Yan

AU - Varadharajan, Vijay

PY - 2005/2

Y1 - 2005/2

N2 - In [2, 3], we proposed a model-based approach to specify the transformation of authorizations based on the principle of minimal change [1] and its application in database systems. Nevertheless, there were some limitations in this approach. Firstly, we could not represent a sequence of transformations. Secondly, default authorizations could not be expressed. In this paper, we propose two high-level formal languages, L s and L sd, to specify a sequence of authorization transformations and default authorizations. Our work starts with L s, a simple, but expressive, language to specify certain sequence of authorization transformations. Furthermore, L sd has more powerful expressiveness than L s in the sense that constraints, causal and inherited authorizations, and general default authorizations can be specified.

AB - In [2, 3], we proposed a model-based approach to specify the transformation of authorizations based on the principle of minimal change [1] and its application in database systems. Nevertheless, there were some limitations in this approach. Firstly, we could not represent a sequence of transformations. Secondly, default authorizations could not be expressed. In this paper, we propose two high-level formal languages, L s and L sd, to specify a sequence of authorization transformations and default authorizations. Our work starts with L s, a simple, but expressive, language to specify certain sequence of authorization transformations. Furthermore, L sd has more powerful expressiveness than L s in the sense that constraints, causal and inherited authorizations, and general default authorizations can be specified.

KW - Computer security

KW - Data protection

KW - Database security

KW - Default reasoning

KW - Formal language

KW - Authorization policy

KW - Policy transformations

KW - Default logic

UR - http://handle.uws.edu.au:8081/1959.7/9936

UR - http://www.scopus.com/inward/record.url?scp=14844341563&partnerID=8YFLogxK

U2 - 10.1007/s10207-004-0069-1

DO - 10.1007/s10207-004-0069-1

M3 - Article

SN - 1615-5262

VL - 4

SP - 120

EP - 131

JO - International Journal of Information Security

JF - International Journal of Information Security

IS - 1-2

ER -

On the sequence of authorization policy transformations

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this