Towards a theory of declarative knowledge
Foundations of deductive databases and logic programming
Computer security
The optimal approach to recursive programs
Communications of the ACM
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Principles of Program Analysis
Principles of Program Analysis
Boundary Inference for Enforcing Security Policies in Mobile Ambients
TCS '02 Proceedings of the IFIP 17th World Computer Congress - TC1 Stream / 2nd IFIP International Conference on Theoretical Computer Science: Foundations of Information Technology in the Era of Networking and Mobile Computing
Nordic Journal of Computing
Flow logic: a multi-paradigmatic approach to static analysis
The essence of computation
Flow Logic for Process Calculi
ACM Computing Surveys (CSUR)
Heuristic safety analysis of access control models
Proceedings of the 18th ACM symposium on Access control models and technologies
Hi-index | 0.00 |
The flow logic approach to static analysis amounts to specifying the admissibility of solutions to analysis problems; when specified using formulae in stratified alternation-free least fixed point logic one may use efficient algorithms for computing the least admissible solutions. We extend this scenario to validate the fulfilment of safety and security constraints on admissible solutions; the modified development produces a least solution together with a boolean value indicating whether or not the constraints are validated or violated. The main contribution is the development of a deterministic heuristics for obtaining a solution that is close to the least solution while enforcing the safety or security constraints. We illustrate it on the Bell-LaPadula mandatory access control policy where the heuristics is used to suggest modifications to the security annotations of entities in order for the security policy to hold.