|
|||||
|
|
On transformation of authorization policies |
|
| Authors: | Yun Vijay |
| Affiliation: | a School of Computing and Information Technology, University of Western Sydney, Locked Bag 1797, Penrith South DC, NSW 1797, Australia b Department of Computing, Macquarie University, North Ryde, NSW 2109, Australia |
| Abstract: | In this paper, we propose a logic based approach to specify and to reason about transformation of authorization policies. The authorization policy is specified using a policy base which comprises a finite set of facts and access constraints. We define the structure of the policy transformation and employ a model-based semantics to perform the transformation under the principle of minimal change. Furthermore, we extend model-based semantics by introducing preference ordering to resolve possible conflicts during transformation of policies. We also discuss the implementation of the model-based transformation approach and analyse the complexity of the algorithms introduced. Our system is able to represent both implicit and incomplete authorization requirements and reason about nonmonotonic properties. |
| Keywords: | Logic based specification Security Authorization policy Transformations |
| 本文献已被 ScienceDirect 等数据库收录! | |