Journal of Symbolic Computation
Term rewriting and all that
Termination of term rewriting using dependency pairs
Theoretical Computer Science - Trees in algebra and programming
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Term Rewriting Systems
Priority Rewriting: Semantics, Confluence, and Conditional
RTA '89 Proceedings of the 3rd International Conference on Rewriting Techniques and Applications
Proving Innermost Normalisation Automatically
RTA '97 Proceedings of the 8th International Conference on Rewriting Techniques and Applications
Canonical Forms and Unification
Proceedings of the 5th Conference on Automated Deduction
Flexible access control policy specification with constraint logic programming
ACM Transactions on Information and System Security (TISSEC)
Computer Networks: The International Journal of Computer and Telecommunications Networking
Tyrolean termination tool: Techniques and features
Information and Computation
Higher-Order and Symbolic Computation
Rewriting-Based Access Control Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
Weaving rewrite-based access control policies
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Termination of rewriting under strategies
ACM Transactions on Computational Logic (TOCL)
Termination of Priority Rewriting
LATA '09 Proceedings of the 3rd International Conference on Language and Automata Theory and Applications
Termination of narrowing revisited
Theoretical Computer Science
Tom: piggybacking rewriting on java
RTA'07 Proceedings of the 18th international conference on Term rewriting and applications
Symbolic model checking of infinite-state systems using narrowing
RTA'07 Proceedings of the 18th international conference on Term rewriting and applications
A proof of weak termination providing the right way to terminate
ICTAC'04 Proceedings of the First international conference on Theoretical Aspects of Computing
Automated termination analysis for Haskell: from term rewriting to programming languages
RTA'06 Proceedings of the 17th international conference on Term Rewriting and Applications
Narrowing, abstraction and constraints for proving properties of reduction relations
Rewriting Computation and Proof
Modular access control via strategic rewriting
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Termination Of Term Rewriting By Semantic Labelling
Fundamenta Informaticae
Component-based security policy design with colored Petri nets
Semantics and algebraic specification
An integrated framework for the diagnosis and correction of rule-based programs
Theoretical Computer Science
Symbolic analysis of network security policies using rewrite systems
Proceedings of the 13th international ACM SIGPLAN symposium on Principles and practices of declarative programming
An access control language based on term rewriting and description logic
WFLP'10 Proceedings of the 19th international conference on Functional and constraint logic programming
A dynamic access control model
Applied Intelligence
Formal specification and validation of security policies
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Automated analysis of rule-based access control policies
PLPV '13 Proceedings of the 7th workshop on Programming languages meets program verification
Data Linkage Algebra, Data Linkage Dynamics, and Priority Rewriting
Fundamenta Informaticae
Hi-index | 0.01 |
The rewrite-based approach provides executable specifications for security policies, which can be independently designed, verified, and then anchored on programs using a modular discipline. In this paper, we describe how to perform queries over these rule-based policies in order to increase the trust of the policy author on the correct behavior of the policy. The analysis we provide is founded on the strategic narrowing process, which provides both the necessary abstraction for simulating executions of the policy over access requests and the mechanism for solving what-if queries from the security administrator. We illustrate this general approach by the analysis of a firewall system policy.