Statecharts: A visual formalism for complex systems
Science of Computer Programming
Design and validation of computer protocols
Design and validation of computer protocols
Miro: Visual Specification of Security
IEEE Transactions on Software Engineering
Handbook of logic in artificial intelligence and logic programming (vol. 3)
IEEE Spectrum
Formal methods: state of the art and future directions
ACM Computing Surveys (CSUR) - Special ACM 50th-anniversary issue: strategic directions in computing research
The Unified Modeling Language user guide
The Unified Modeling Language user guide
Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
A declarative approach to business rules in contracts: courteous logic programs in XML
Proceedings of the 1st ACM conference on Electronic commerce
A hybrid model for specifying features and detecting interactions
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on the feature interactions in telecommunications systems
ACM Transactions on Information and System Security (TISSEC)
Exploiting Behavioral Hierarchy for Efficient Model Checking
CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
On the Analysis of Regulations using Defeasible Rules
HICSS '99 Proceedings of the Thirty-second Annual Hawaii International Conference on System Sciences-Volume 6 - Volume 6
Propositional defeasible logic has linear complexity
Theory and Practice of Logic Programming
Timed constraint programming: a declarative approach to usage control
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Defeasible security policy composition for web services
Proceedings of the fourth ACM workshop on Formal methods in security
Access control via belnap logic: Intuitive, expressive, and analyzable policy composition
ACM Transactions on Information and System Security (TISSEC)
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
| Hi-index | 0.00 |
Embedded devices like smartcards can now run multiple interacting applications. A particular challenge in this domain is to dynamically integrate diverse security policies. In this paper we show how a framework based on a concise formal model lets us securely customize a payment card equipped with a programmable chip. We present policy automata, a formal model of computations that grant or deny access to a resource. This model combines defeasible logic with state machines, representing complex policies as combinations of simpler modular policies. We use the model in a framework for specifying, merging and analyzing modular policies. This framework is implemented as Polaris, a tool which analyzes policy automata to reveal potential conflicts or redundancies, and compiles automata into Java Card applets.