On the sequence of authorization policy transformations

Yun Bai; Yan Zhang; Vijay Varadharajan

doi:10.1007/s10207-004-0069-1

On the sequence of authorization policy transformations

Research output: Contribution to journal › Article

Abstract

In [2, 3], we proposed a model-based approach to specify the transformation of authorizations based on the principle of minimal change [10] and its application in database systems. Nevertheless, there were some limitations in this approach. Firstly, we could not represent a sequence of transformations. Secondly, default authorizations could not be expressed. In this paper, we propose two high-level formal languages, Ls and Lsd, to specify a sequence of authorization transformations and default authorizations. Our work starts with Ls, a simple, but expressive, language to specify certain sequence of authorization transformations. Furthermore, Lsd has more powerful expressiveness than Ls in the sense that constraints, causal and inherited authorizations, and general default authorizations can be specified.

Original language	English
Pages (from-to)	120-131
Number of pages	12
Journal	International Journal of Information Security
Volume	4
Issue number	45323
DOIs	https://doi.org/10.1007/s10207-004-0069-1
Publication status	Published - 2005

Keywords

Computer security
Data protection
Database security
Default reasoning

Access to Document

10.1007/s10207-004-0069-1

Cite this

@article{e6f4a1fd7f99454cb63c5acb4e35f3cb,

title = "On the sequence of authorization policy transformations",

abstract = "In [2, 3], we proposed a model-based approach to specify the transformation of authorizations based on the principle of minimal change [10] and its application in database systems. Nevertheless, there were some limitations in this approach. Firstly, we could not represent a sequence of transformations. Secondly, default authorizations could not be expressed. In this paper, we propose two high-level formal languages, Ls and Lsd, to specify a sequence of authorization transformations and default authorizations. Our work starts with Ls, a simple, but expressive, language to specify certain sequence of authorization transformations. Furthermore, Lsd has more powerful expressiveness than Ls in the sense that constraints, causal and inherited authorizations, and general default authorizations can be specified.",

keywords = "Computer security, Data protection, Database security, Default reasoning",

author = "Yun Bai and Yan Zhang and Vijay Varadharajan",

year = "2005",

doi = "10.1007/s10207-004-0069-1",

language = "English",

volume = "4",

pages = "120--131",

journal = "International Journal of Information Security",

issn = "1615-5262",

publisher = "Springer",

number = "45323",

}

TY - JOUR

T1 - On the sequence of authorization policy transformations

AU - Bai, Yun

AU - Zhang, Yan

AU - Varadharajan, Vijay

PY - 2005

Y1 - 2005

N2 - In [2, 3], we proposed a model-based approach to specify the transformation of authorizations based on the principle of minimal change [10] and its application in database systems. Nevertheless, there were some limitations in this approach. Firstly, we could not represent a sequence of transformations. Secondly, default authorizations could not be expressed. In this paper, we propose two high-level formal languages, Ls and Lsd, to specify a sequence of authorization transformations and default authorizations. Our work starts with Ls, a simple, but expressive, language to specify certain sequence of authorization transformations. Furthermore, Lsd has more powerful expressiveness than Ls in the sense that constraints, causal and inherited authorizations, and general default authorizations can be specified.

AB - In [2, 3], we proposed a model-based approach to specify the transformation of authorizations based on the principle of minimal change [10] and its application in database systems. Nevertheless, there were some limitations in this approach. Firstly, we could not represent a sequence of transformations. Secondly, default authorizations could not be expressed. In this paper, we propose two high-level formal languages, Ls and Lsd, to specify a sequence of authorization transformations and default authorizations. Our work starts with Ls, a simple, but expressive, language to specify certain sequence of authorization transformations. Furthermore, Lsd has more powerful expressiveness than Ls in the sense that constraints, causal and inherited authorizations, and general default authorizations can be specified.

KW - Computer security

KW - Data protection

KW - Database security

KW - Default reasoning

UR - http://handle.uws.edu.au:8081/1959.7/9936

U2 - 10.1007/s10207-004-0069-1

DO - 10.1007/s10207-004-0069-1

M3 - Article

SN - 1615-5262

VL - 4

SP - 120

EP - 131

JO - International Journal of Information Security

JF - International Journal of Information Security

IS - 45323

ER -

On the sequence of authorization policy transformations

Abstract

Keywords

Access to Document

Other files and links

Fingerprint

Cite this