Publisher: John Wiley & Sons Inc
E-ISSN: 1532-0634|27|15|3877-3891
ISSN: 1532-0626
Source: CONCURRENCY AND COMPUTATION: PRACTICE & EXPERIENCE (ELECTRONIC), Vol.27, Iss.15, 2015-10, pp. : 3877-3891
Disclaimer: Any content in publications that violate the sovereignty, the constitution or regulations of the PRC is not accepted or approved by CNPIEC.
Abstract
SummaryThis paper studies logic‐based methods for representing and evaluating complex access control policies needed by modern applications. In our framework, authorization and delegation rules are specified in a weighted delegatable authorization program, which is an extended logic program. We show how extended logic programs can be used to specify complex security policies, which support weighted administrative privilege delegation, weighted positive and negative authorizations, and weighted authorization propagations. We also present a conflict resolution method that enables flexible delegation control by considering priorities of authorization grantors and weights of authorizations. We show how this method can be specialized to achieve many of the current existing conflict resolution methods. A number of rules are provided to achieve delegation depth control, conflict resolution, and authorization and delegation propagations. We also show how to use SMODELS to implement weighted delegatable authorization program. Copyright © 2015 John Wiley & Sons, Ltd.
Related content
Designing and evaluating weighted delegatable authorizations
CONCURRENCY AND COMPUTATION: PRACTICE & EXPERIENCE (ELECTRONIC), Vol. 1532-0626, Iss. 15, 2015-10 ,pp. :
Access to resources
Recommend
Designing and Evaluating an Adaptive Spoken Dialogue System
By Litman D.J.
User Modeling and User-Adapted Interaction, Vol. 12, Iss. 2-3, 2002-01 ,pp. :