Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
A declarative approach to business rules in contracts: courteous logic programs in XML
Proceedings of the 1st ACM conference on Electronic commerce
A modular approach to composing access control policies
Proceedings of the 7th ACM conference on Computer and communications security
Automated negotiation from declarative contract descriptions
Proceedings of the fifth international conference on Autonomous agents
Dealing with Multi-policy Security in Large Open Distributed Systems
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
On the Analysis of Regulations using Defeasible Rules
HICSS '99 Proceedings of the Thirty-second Annual Hawaii International Conference on System Sciences-Volume 6 - Volume 6
What is Default Reasoning Good For ? Applications Revisited
HICSS '99 Proceedings of the Thirty-second Annual Hawaii International Conference on System Sciences-Volume 6 - Volume 6
Supporting Multiple Access Control Policies in Database Systems
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Analyzing consistency of security policies
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A model-based approach to integrating security policies for embedded devices
Proceedings of the 4th ACM international conference on Embedded software
Propositional defeasible logic has linear complexity
Theory and Practice of Logic Programming
Verifying policy-based security for web services
Proceedings of the 11th ACM conference on Computer and communications security
Modeling and analyzing integrated policies
Modeling and analyzing integrated policies
WSEmail: Secure Internet Messaging Based on Web Services
ICWS '05 Proceedings of the IEEE International Conference on Web Services
Verified Interoperable Implementations of Security Protocols
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Securing the drop-box architecture for assisted living
Proceedings of the fourth ACM workshop on Formal methods in security
A simple and expressive semantic framework for policy composition in access control
Proceedings of the 2007 ACM workshop on Formal methods in security engineering
Proceedings of the 2007 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the sixth SoMeT_07
Handling inheritance violation for secure interoperation of heterogeneous systems
International Journal of Security and Networks
Component-based security policy design with colored Petri nets
Semantics and algebraic specification
Validating security policy conformance with WS-security requirements
IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
Access control via belnap logic: Intuitive, expressive, and analyzable policy composition
ACM Transactions on Information and System Security (TISSEC)
Towards coequal authorization for dynamic collaboration
AMT'11 Proceedings of the 7th international conference on Active media technology
AMPol-Q: adaptive middleware policy to support qos
ICSOC'06 Proceedings of the 4th international conference on Service-Oriented Computing
Modular access control via strategic rewriting
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Hi-index | 0.00 |
The ability to automatically compose security policies created by multiple organizations is fundamental to the development of scalable security systems. The diversity of policies leads to conflicts and the need to resolve priorities between rules. In this paper we explore the concept of defeasible policy composition, wherein policies are represented in defeasible logic and composition is based on rules for non-monotonic inference. This enables policy writers to assert rules tentatively; when policies are composed the policy with the firmest position takes precedence. In addition, the structure of our policies allows for composition to occur using a single operator; this allows for entirely automated composition. We argue that this provides a practical system that can be understood by typical policy writers, analyzed rigorously by theoreticians, and efficiently automated by computers. We aim to partially validate these claims here with a formulation of defeasible policy composition for web services, an emerging foundation for B2B commerce on the World Wide Web.