Operational Semantics for DKAL: Application and Analysis

Authors:
Yuri Gurevich;Arnab Roy
Affiliations:
Microsoft Research Redmond,;Stanford University,
Venue:
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
Year:
2009

Citing 8
Cited 5

A calculus for access control in distributed systems

ACM Transactions on Programming Languages and Systems (TOPLAS)
Delegation logic: A logic-based approach to distributed authorization

ACM Transactions on Information and System Security (TISSEC)
Binder, a Logic-Based Security Language

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Decentralized Trust Management

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Delegation logic: a logic-based approach to distributed authorization

Delegation logic: a logic-based approach to distributed authorization
Design and Semantics of a Decentralized Authorization Language

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
DKAL: Distributed-Knowledge Authorization Language

CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium

A constructive conditional logic for access control: a preliminary report

Proceedings of the 2010 conference on ECAI 2010: 19th European Conference on Artificial Intelligence
Logic of infons: The propositional case

ACM Transactions on Computational Logic (TOCL)
Modal Access Control LogicAxiomatization, Semantics and FOL Theorem Proving

Proceedings of the 2010 conference on STAIRS 2010: Proceedings of the Fifth Starting AI Researchers' Symposium
Yuri, logic, and computer science

Fields of logic and computation
A conditional constructive logic for access control and its sequent calculus

TABLEAUX'11 Proceedings of the 20th international conference on Automated reasoning with analytic tableaux and related methods

Quantified Score

Hi-index	0.00

Visualization

Abstract

DKAL is a new expressive high-level authorization language. It has been successfully tried at Microsoft which led to further improvements of the language itself. One improvement is the separation of concerns between static core policies and dynamic workflow; important safety properties can be proved from the core policies alone, independently from the workflow. Another improvement is true decentralization; different principals live in different worlds exchanging information by means of communication and filtering assertions. We also present some complexity results.