Combining logics for modelling security policies

Authors:
Chuchang Liu;Patrick McLean;Maris A. Ozols
Affiliations:
Defence Science and Technology Organisation, Edinburgh, SA, Australia;Defence Science and Technology Organisation, Edinburgh, SA, Australia;Defence Science and Technology Organisation, Edinburgh, SA, Australia
Venue:
ACSC '05 Proceedings of the Twenty-eighth Australasian conference on Computer Science - Volume 38
Year:
2005

Citing 12
Cited 1

Temporal logics and their applications

Temporal logics and their applications
Properties of independently axiomatizable bimodal logics

Journal of Symbolic Logic
A logic for reasoning about security

ACM Transactions on Computer Systems (TOCS)
Reasoning about knowledge

Reasoning about knowledge
Deontic logic in computer science: normative system specification

Deontic logic in computer science: normative system specification
Dealing with multiple granularity of time in temporal logic programming

Journal of Symbolic Computation - Special issue: executable temporal logics
Epistemic Logic for AI and Computer Science

Epistemic Logic for AI and Computer Science
A Modal Logical Framework for Security Policies

ISMIS '97 Proceedings of the 10th International Symposium on Foundations of Intelligent Systems
A Flexible Method for Information System Security Policy Specification

ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Specifying a security policy: a case study

CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Analyzing consistency of security policies

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Specification and verification of security policies

Specification and verification of security policies

Theories of Trust for Communication Protocols

ATC '09 Proceedings of the 6th International Conference on Autonomic and Trusted Computing

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper considers a logical framework for modelling security policies for information systems. Epistemic, deontic and temporal logics can respectively be used to express what an agent knows or believes, what an agent is permitted or forbidden to know or do, and the dynamic progress of a system over time. In modelling a security policy for a practical system, one may need to combine these logical notions to express statements of the policy, so a combination of logics is considered. We investigate the issues regarding techniques for combining logics, approaches to formalizing security policies based on a combined logic, and strategies applied for reasoning about the security properties required to be satisfied by a policy. Several possible future research directions under this logical framework are discussed.