Tracking and constraining authorization provenance

Jinwei Hu, Khaled M. Khan, Yun Bai, Yan Zhang

    Research output: Contribution to journalArticlepeer-review

    Abstract

    Authorization provenance concerns how an authorization is derived. It appears important to define authorization provenance to (1) analyze policy bases, (2) defend against a class of attacks, and (3) audit authorizations. In this paper, we study a notion of authorization provenance, based on a recently proposed logic in the literature. By examining a collection of properties, we show this definition captures the intuitions of authorization provenance. We also present an application of our notion of authorization provenance: specifying and enforcing a new type of security requirements.
    Original languageEnglish
    Pages (from-to)669-678
    Number of pages10
    JournalLecture Notes in Computer Science
    Volume7345
    DOIs
    Publication statusPublished - 2012

    Keywords

    • security requirements
    • industrial engineering
    • intelligent systems
    • authorization provenance

    Fingerprint

    Dive into the research topics of 'Tracking and constraining authorization provenance'. Together they form a unique fingerprint.

    Cite this