A logic for reasoning about security

Authors:
Janice Glasgow;Glenn Macewen;Prakash Panangaden
Affiliations:
-;-;-
Venue:
ACM Transactions on Computer Systems (TOCS)
Year:
1992

Citing 13
Cited 21

Operator nets

Proc. of the IFIP TC 10 working conference on Fifth generation computer architectures
The development and proof of a formal specification for a multilevel secure system

ACM Transactions on Computer Systems (TOCS)
Building a secure computer system

Building a secure computer system
A logic of authentication

ACM Transactions on Computer Systems (TOCS)
The SeaView Security Model

IEEE Transactions on Software Engineering
Stating security requirements with tolerable sets

ACM Transactions on Computer Systems (TOCS)
Formal Models for Computer Security

ACM Computing Surveys (CSUR)
A lattice model of secure information flow

Communications of the ACM
"Sometime" is sometimes "not never": on the temporal logic of programs

POPL '80 Proceedings of the 7th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The temporal logic of branching time

POPL '81 Proceedings of the 8th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Authentication: A Practical Study in Belief and Action

Proceedings of the 2nd Conference on Theoretical Aspects of Reasoning about Knowledge
Design and verification of secure systems

SOSP '81 Proceedings of the eighth ACM symposium on Operating systems principles
Knowledge and common knowledge in a distributed environment

PODC '84 Proceedings of the third annual ACM symposium on Principles of distributed computing

Formal query languages for secure relational databases

ACM Transactions on Database Systems (TODS)
Modelling multidomain security

NSPW '92-93 Proceedings on the 1992-1993 workshop on New security paradigms
A MAC Policy Framework for Multilevel Relational Databases

IEEE Transactions on Knowledge and Data Engineering
A Semantic Framework of the Multilevel Secure Relational Model

IEEE Transactions on Knowledge and Data Engineering
Reasoning about Public-Key Certification: On Bindings between Entities and Public Keys

FC '99 Proceedings of the Third International Conference on Financial Cryptography
Group Principals and the Formalization of Anonymity

FM '99 Proceedings of the Wold Congress on Formal Methods in the Development of Computing Systems-Volume I - Volume I
Enterprise privacy promises and enforcement

WITS '05 Proceedings of the 2005 workshop on Issues in the theory of security
A logical approach to multilevel security of probabilistic systems

Distributed Computing
Combining logics for modelling security policies

ACSC '05 Proceedings of the Twenty-eighth Australasian conference on Computer Science - Volume 38
Deciding knowledge properties of security protocols

TARK '05 Proceedings of the 10th conference on Theoretical aspects of rationality and knowledge
Anonymity and information hiding in multiagent systems

Journal of Computer Security
Peer-to-peer form based web information systems

ADC '06 Proceedings of the 17th Australasian Database Conference - Volume 49
A (restricted) quantifier elimination for security protocols

Theoretical Computer Science - Automated reasoning for security protocol analysis
An epistemic framework for privacy protection in database linking

Data & Knowledge Engineering
Temporal Logics of Knowledge and their Applications in Security

Electronic Notes in Theoretical Computer Science (ENTCS)
Using First-Order Logic to Reason about Policies

ACM Transactions on Information and System Security (TISSEC)
Granulation as a privacy protection mechanism

Transactions on rough sets VII
A modal logic for role-based access control

MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
An approach to understanding policy based on autonomy and voluntary cooperation

DSOM'05 Proceedings of the 16th IFIP/IEEE Ambient Networks international conference on Distributed Systems: operations and Management
Toward exploiting location-based and video information in negotiated access control policies

ICISS'05 Proceedings of the First international conference on Information Systems Security
Opacity generalised to transition systems

FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust

Quantified Score

Hi-index	0.00

Visualization

Abstract

A formal framework called Security Logic (SL) is developed for specifying and reasoning about security policies and for verifying that system designs adhere to such policies. Included in this modal logic framework are definitions of knowledge, permission, and obligation. Permission is used to specify secrecy policies and obligation to specify integrity policies. The combination of policies is addressed and examples based on policies from the current literature are given.