Results 1 
8 of
8
A logicbased framework for attribute based access control
 In Workshop on Formal Methods in Security Engineering
, 2004
"... Attribute based access control (ABAC) grants accesses to services based on the attributes possessed by the requester. Thus, ABAC differs from the traditional discretionary access control model by replacing the subject by a set of attributes and the object by a set of services in the access control ..."
Abstract

Cited by 71 (3 self)
 Add to MetaCart
Attribute based access control (ABAC) grants accesses to services based on the attributes possessed by the requester. Thus, ABAC differs from the traditional discretionary access control model by replacing the subject by a set of attributes and the object by a set of services in the access control matrix. The former is appropriate in an identityless system like the Internet where subjects are identified by their characteristics, such as those substantiated by certificates. These can be modeled as attribute sets. The latter is appropriate because most Internet users are not privy to method names residing on remote servers. These can be modeled as sets of service options. We present a framework that models this aspect of access control using logic programming with set constraints of a computable set theory [DPPR00]. Our framework specifies policies as stratified constraint flounderfree logic programs that admit primitive recursion. The design of the policy specification framework ensures that they are consistent and complete. Our ABAC policies can be transformed to ensure faster runtimes.
Uniform Closures: OrderTheoretically Reconstructing Logic Program Semantics and Abstract Domain Refinement
 Inform. and Comput
, 1998
"... Domain Refinements Roberto Giacobazzi Dipartimento di Informatica Universit`a di Pisa Corso Italia 40, 56125 Pisa, Italy giaco@di.unipi.it Francesco Ranzato Dipartimento di Matematica Pura ed Applicata Universit`a di Padova Via Belzoni 7, 35131 Padova, Italy franz@math.unipd.it Abstract The no ..."
Abstract

Cited by 9 (6 self)
 Add to MetaCart
(Show Context)
Domain Refinements Roberto Giacobazzi Dipartimento di Informatica Universit`a di Pisa Corso Italia 40, 56125 Pisa, Italy giaco@di.unipi.it Francesco Ranzato Dipartimento di Matematica Pura ed Applicata Universit`a di Padova Via Belzoni 7, 35131 Padova, Italy franz@math.unipd.it Abstract The notion of uniform closure operator is introduced, and it is shown how this concept surfaces in two different areas of application of abstract interpretation, notably in semantics design for logic programs and in the theory of abstract domain refinements. In logic programming, uniform closures permit to generalize, from an ordertheoretic perspective, the standard hierarchy of declarative semantics. In particular, we show how to reconstruct the modeltheoretic characterization of the wellknown ssemantics using pure ordertheoretic concepts only. As far as the systematic refinement operators on abstract domains are concerned, we show that uniform closures capture precisely the property of a ref...
Stable Generated Models of Generalized Constraint Logic Programs
 In Proc. WFLP 2001
, 2001
"... We present a declarative semantics of generalized constraint logic programs based on stable generated models. Generalized logic programs contain arbitrary quantifier free formulas in the bodies and heads of their rules. Up to now the only declarative semantics for this program class is defined i ..."
Abstract

Cited by 1 (0 self)
 Add to MetaCart
(Show Context)
We present a declarative semantics of generalized constraint logic programs based on stable generated models. Generalized logic programs contain arbitrary quantifier free formulas in the bodies and heads of their rules. Up to now the only declarative semantics for this program class is defined in terms of stable generated models introduced by Herre and Wagner.
Security policy cognizant module composition,” Available at http://cs.gmu.edu
, 2010
"... Componentbased software development and deployment is based on developing individual software modules that are composed on an as needed basis. Such modules expose the computations they provide and their dependencies on providing these computations that results in a well known requiresprovides ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
(Show Context)
Componentbased software development and deployment is based on developing individual software modules that are composed on an as needed basis. Such modules expose the computations they provide and their dependencies on providing these computations that results in a well known requiresprovides specifications for modules. This paper provides a framework to combine modules that specify their requiresprovides interfaces in a policy dependent way. Our framework specify policies as combinations of Constraint Logic Programming (CLP) based rules and our policies can cover multiple aspects associated of compositions, such as security and quality of service. We apply our framework to specify Quality of Protection (QoP) and Quality of Service (QoP) policies. An example shows the applicability of our policy language to a teleconferencing application with multiple security and resource usage policies. 1
Analysis of Normal Logic Programs
"... In this paper we present a dataflow analysis method for normal logic programs interpreted with negation as failure or constructive negation. We apply our method to a well known analysis for logic programs: the depth(k) analysis for approximating the set of computed answers. The analysis is correct w ..."
Abstract
 Add to MetaCart
In this paper we present a dataflow analysis method for normal logic programs interpreted with negation as failure or constructive negation. We apply our method to a well known analysis for logic programs: the depth(k) analysis for approximating the set of computed answers. The analysis is correct w.r.t. SLDNF resolution and optimal w.r.t. constructive negation.
Motivation Partial Stable Generated Models of Generalized Logic Programs with Constraints
"... Logic programs are an important knowledge representation tool. In many cases, definite logic programs are too restricted to formalize problems intuitively. Therefore definite logic programs have been extended in several ways by additional syntactic constructs such as negation and disjunction. A very ..."
Abstract
 Add to MetaCart
Logic programs are an important knowledge representation tool. In many cases, definite logic programs are too restricted to formalize problems intuitively. Therefore definite logic programs have been extended in several ways by additional syntactic constructs such as negation and disjunction. A very expressive program class are generalized logic programs. Their rules may contain any quantifier free formula in both their body and head. Definite, normal and disjunctive logic programs are special cases of generalized logic programs. Constraint logic programming, defined in [4], extends definite logic programs by constraints: logical expressions that describe special properties of the problem domain. The combination of these two extensions defines the syntax of generalized logic programs with constraints (�ÄÈ �). Declarative semantics provides a mathematically precise
Stable Generated Models of Generalized Constraint Logic Programs
"... t n ) is an atom of L(\Sigma R ; \Sigma F ; V; F ) iff p 2 \Sigma R with arity n and all t i are terms in Term(\Sigma F ; V ). Literals are elements of Lit P;C = L(\Sigma R ; \Sigma F ; V; fnotg). Given a (purely relational) program signature \Sigma R P and a constraint signature \Sig ..."
Abstract
 Add to MetaCart
t n ) is an atom of L(\Sigma R ; \Sigma F ; V; F ) iff p 2 \Sigma R with arity n and all t i are terms in Term(\Sigma F ; V ). Literals are elements of Lit P;C = L(\Sigma R ; \Sigma F ; V; fnotg). Given a (purely relational) program signature \Sigma R P and a constraint signature \Sigma C = (\Sigma R C ; \Sigma F C ) we define the constraint language L C = L(\Sigma R C ; \Sigma F C ; V; F ) (using constraint predicates only) and the program language<F
QoP and QoS Policy Cognizant Module Composition
"... Abstract—Componentbased software engineering is generally recognized as one of the best methods to develop, deploy, and manage increasingly complex software systems. To enable the dynamic composition of software modules, it is often required to expose their functionality dependencies. This results ..."
Abstract
 Add to MetaCart
(Show Context)
Abstract—Componentbased software engineering is generally recognized as one of the best methods to develop, deploy, and manage increasingly complex software systems. To enable the dynamic composition of software modules, it is often required to expose their functionality dependencies. This results the a wellknown requiresprovides specifications ’ model. In this paper, we introduce a framework that enables individual software components to specify their requiresprovides interfaces in a policy dependent way. Our framework specifies policies as combinations of Constraint Logic Programming (CLP) based rules. Moreover, our policies are flexible and expressive, allowing the enforcement of multiple aspects for the requested composition including security and quality of service. We apply our framework to specify Quality of Protection (QoP) and Quality of Service (QoS) policies. We demonstrate the applicability of our policy language using as an example a teleconferencing application with diverse requirements for the specification of security and resource policies. KeywordsPolicybased software composition; Policies for software interfaces; Policies for aspectoriented software I.