A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Delegation logic: A logic-based approach to distributed authorization
ACM Transactions on Information and System Security (TISSEC)
Binder, a Logic-Based Security Language
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Beyond Proof-of-Compliance: Safety and Availability Analysis in Trust Management
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Delegation logic: a logic-based approach to distributed authorization
Delegation logic: a logic-based approach to distributed authorization
Design and Semantics of a Decentralized Authorization Language
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
DKAL: Distributed-Knowledge Authorization Language
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
A constructive conditional logic for access control: a preliminary report
Proceedings of the 2010 conference on ECAI 2010: 19th European Conference on Artificial Intelligence
Logic of infons: The propositional case
ACM Transactions on Computational Logic (TOCL)
Modal Access Control LogicAxiomatization, Semantics and FOL Theorem Proving
Proceedings of the 2010 conference on STAIRS 2010: Proceedings of the Fifth Starting AI Researchers' Symposium
Yuri, logic, and computer science
Fields of logic and computation
A conditional constructive logic for access control and its sequent calculus
TABLEAUX'11 Proceedings of the 20th international conference on Automated reasoning with analytic tableaux and related methods
Hi-index | 0.00 |
DKAL is a new expressive high-level authorization language. It has been successfully tried at Microsoft which led to further improvements of the language itself. One improvement is the separation of concerns between static core policies and dynamic workflow; important safety properties can be proved from the core policies alone, independently from the workflow. Another improvement is true decentralization; different principals live in different worlds exchanging information by means of communication and filtering assertions. We also present some complexity results.