A modal deconstruction of access control logics

Authors:
Deepak Garg;Martín Abadi
Affiliations:
Carnegie Mellon University;University of California, Santa Cruz and Microsoft Research, Silicon Valley
Venue:
FOSSACS'08/ETAPS'08 Proceedings of the Theory and practice of software, 11th international conference on Foundations of software science and computational structures
Year:
2008

Citing 26
Cited 12

Notions of computation and monads

Information and Computation
Authentication in distributed systems: theory and practice

ACM Transactions on Computer Systems (TOCS)
A calculus for access control in distributed systems

ACM Transactions on Programming Languages and Systems (TOPLAS)
Authentication in the Taos operating system

ACM Transactions on Computer Systems (TOCS) - Special issue on operating systems principles
Propositional lax logic

Information and Computation
Proof-carrying authentication

CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Delegation logic: A logic-based approach to distributed authorization

ACM Transactions on Information and System Security (TISSEC)
DATALOG with Constraints: A Foundation for Trust Management Languages

PADL '03 Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages
Logic in Access Control

LICS '03 Proceedings of the 18th Annual IEEE Symposium on Logic in Computer Science
Binder, a Logic-Based Security Language

SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A judgmental reconstruction of modal logic

Mathematical Structures in Computer Science
Proof search in Lax Logic

Mathematical Structures in Computer Science
Computational types from a logical perspective

Journal of Functional Programming
Access control for the web via proof-carrying authorization

Access control for the web via proof-carrying authorization
Computer Security in the Real World

Computer
Distributed Proving in Access-Control Systems

SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Beyond proof-of-compliance: security analysis in trust management

Journal of the ACM (JACM)
Non-Interference in Constructive Authorization Logic

CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Access Control in a Core Calculus of Dependency

Electronic Notes in Theoretical Computer Science (ENTCS)
Audit-based compliance control

International Journal of Information Security
Design and Semantics of a Decentralized Authorization Language

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Do As I SaY! Programmatic Access Control with Explicit Identities

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
A Type Discipline for Authorization in Distributed Systems

CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Alpaca: extensible authorization for distributed services

Proceedings of the 14th ACM conference on Computer and communications security
Device-enabled authorization in the grey system

ISC'05 Proceedings of the 8th international conference on Information Security
A linear logic of authorization and knowledge

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security

Game Semantics for Access Control

Electronic Notes in Theoretical Computer Science (ENTCS)
A logic for authorization provenance

ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
SecPAL: Design and semantics of a decentralized authorization language

Journal of Computer Security - Digital Identity Management (DIM 2007)
A constructive conditional logic for access control: a preliminary report

Proceedings of the 2010 conference on ECAI 2010: 19th European Conference on Artificial Intelligence
Combining logics in simple type theory

CLIMA'10 Proceedings of the 11th international conference on Computational logic in multi-agent systems
Modal Access Control LogicAxiomatization, Semantics and FOL Theorem Proving

Proceedings of the 2010 conference on STAIRS 2010: Proceedings of the Fifth Starting AI Researchers' Symposium
A conditional constructive logic for access control and its sequent calculus

TABLEAUX'11 Proceedings of the 20th international conference on Automated reasoning with analytic tableaux and related methods
Combining and automating classical and non-classical logics in classical higher-order logics

Annals of Mathematics and Artificial Intelligence
Relationship-based access control: its expression and enforcement through hybrid logic

Proceedings of the second ACM conference on Data and Application Security and Privacy
New modalities for access control logics: permission, control and ratification

STM'11 Proceedings of the 7th international conference on Security and Trust Management
On the Complexity of Linear Authorization Logics

LICS '12 Proceedings of the 2012 27th Annual IEEE/ACM Symposium on Logic in Computer Science
Belief semantics of authorization logic

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present a translation from a logic of access control with a "says" operator to the classical modal logic S4. We prove that the translation is sound and complete. We also show that it extends to logics with boolean combinations of principals and with a "speaks for" relation. While a straightforward definition of this relation requires second-order quantifiers, we use our translation for obtaining alternative, quantifier-free presentations. We also derive decidability and complexity results for the logics of access control.