A data structure for dynamic trees
Journal of Computer and System Sciences
Logic for Applications
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Binder, a Logic-Based Security Language
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
SD3: A Trust Management System with Certified Evaluation
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
A logical reconstruction of SPKI
Journal of Computer Security - Special issue on CSFW14
Cassandra: Flexible Trust Management, Applied to Electronic Health Records
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Understanding SPKI/SDSI using first-order logic
International Journal of Information Security
Using First-Order Logic to Reason about Policies
ACM Transactions on Information and System Security (TISSEC)
On the operational semantics of rights expression languages
Proceedings of the nineth ACM workshop on Digital rights management
Analysis of privacy and security policies
IBM Journal of Research and Development
An analysis of interoperability between licenses
Proceedings of the tenth annual ACM workshop on Digital rights management
An interoperable usage management framework
Proceedings of the tenth annual ACM workshop on Digital rights management
A domain specific language for usage management
Proceedings of the 11th annual ACM workshop on Digital rights management
An approach to the formal analysis of license interoperability
Computers and Electrical Engineering
| Hi-index | 0.00 |
XrML is becoming a popular language in industry for writing software licenses. The semantics for XrML is implicitly given by an algorithm that determines if a permission follows from a set of licenses. We focus on a fragment of the language and use it to highlight some problematic aspects of the algorithm. We then correct the problems, introduce formal semantics, and show that our semantics captures the (corrected) algorithm. Next, we consider the complexity of determining if a permission is implied by a set of XrML licenses. We prove that the general problem is undecidable, but it is polynomial-time computable for an expressive fragment of the language. We extend XrML to capture a wider range of licenses by adding negation to the language. Finally, we discuss the key differences between XrML and MPEG-21, an international standard based on XrML.