Reasoning about knowledge
A lattice model of secure information flow
Communications of the ACM
A logical framework for reasoning about access control models
ACM Transactions on Information and System Security (TISSEC)
On transformation of authorization policies
Data & Knowledge Engineering
Delegation in role-based access control
International Journal of Information Security
Security policy refinement and enforcement for the design of multi-level secure systems
Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
Non-delegatable authorities in capability systems
Journal of Computer Security
Epistemic reasoning in logic programs
IJCAI'07 Proceedings of the 20th international joint conference on Artifical intelligence
Hi-index | 0.00 |
In this paper, we propose a formal logic approach to specify the system security policies and rules and their reasoning in response to queries of accessing the system resource. Especially we investigate and handle the situation where the security agent's knowledge based on which the access decision is made is not complete. We introduce modal logic to specify and reason about a security domain, then translate the domain into an epistemic logic program [10]. We show that our approach has an expressive power to describe a variety of complex security scenarios.