Protection in operating systems
Communications of the ACM
An algebra for composing access control policies
ACM Transactions on Information and System Security (TISSEC)
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Securing XML Documents with Author-X
IEEE Internet Computing
A propositional policy algebra for access control
ACM Transactions on Information and System Security (TISSEC)
Access-Control Policies via Belnap Logic: Effective and Efficient Composition and Analysis
CSF '08 Proceedings of the 2008 21st IEEE Computer Security Foundations Symposium
D-algebra for composing access control policy decisions
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
An algebra for fine-grained integration of XACML policies
Proceedings of the 14th ACM symposium on Access control models and technologies
Access control policy combining: theory meets practice
Proceedings of the 14th ACM symposium on Access control models and technologies
An authorization framework resilient to policy evaluation failures
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
PTaCL: a language for attribute-based access control in open systems
POST'12 Proceedings of the First international conference on Principles of Security and Trust
PTaCL: a language for attribute-based access control in open systems
POST'12 Proceedings of the First international conference on Principles of Security and Trust
Social access control language (SocACL)
Proceedings of the 6th International Conference on Security of Information and Networks
Science of Computer Programming
| Hi-index | 0.00 |
Many languages and algebras have been proposed in recent years for the specification of authorization policies. For some proposals, such as XACML, the main motivation is to address real-world requirements, typically by providing a complex policy language with somewhat informal evaluation methods; others try to provide a greater degree of formality --- particularly with respect to policy evaluation --- but support far fewer features. In short, there are very few proposals that combine a rich set of language features with a well-defined semantics, and even fewer that do this for authorization policies for attribute-based access control in open environments. In this paper, we decompose the problem of policy specification into two distinct sub-languages: the policy target language (PTL) for target specification, which determines when a policy should be evaluated; and the policy composition language (PCL) for building more complex policies from existing ones. We define syntax and semantics for two such languages and demonstrate that they can be both simple and expressive. PTaCL, the language obtained by combining the features of these two sub-languages, supports the specification of a wide range of policies. However, the power of PTaCL means that it is possible to define policies that could produce unexpected results. We provide an analysis of how PTL should be restricted and how policies written in PCL should be evaluated to minimize the likelihood of undesirable results.