Results 11  20
of
1,831
Supporting Multiple Access Control Policies in Database Systems
 ACM Transactions on Database Systems
, 1996
"... Although there are several choices of policies for protection of information, access control models have been developed for a fixed set predefined access control policies that are then built into the corresponding access control mechanisms. This becomes a problem, however, if the access control req ..."
Abstract

Cited by 304 (45 self)
 Add to MetaCart
Although there are several choices of policies for protection of information, access control models have been developed for a fixed set predefined access control policies that are then built into the corresponding access control mechanisms. This becomes a problem, however, if the access control requirements of an application are different from the policies built into a mechanism. In most cases, the only solution is to enforce the requirements as part of the application code, but this makes verification, modification, and adequate enforcement of these policies impossible. In this paper, we propose a flexible authorization mechanism that can support different security policies. The mechanism enforces a general authorization model onto which multiple access control policies can be mapped. The model permits negative and positive authorizations, authorizations that must be strongly obeyed and authorizations that allow for exceptions, and enforces ownership together with delegation of admin...
A generalized temporal rolebased access control model
, 2001
"... Rolebased access control (RBAC) models are receiving increasing attention as a generalized approach to access control. Roles may be available to users at certain time periods, and unavailable at others. Moreover, there can be temporal dependencies among roles. To tackle such dynamic aspects, we int ..."
Abstract

Cited by 304 (22 self)
 Add to MetaCart
Rolebased access control (RBAC) models are receiving increasing attention as a generalized approach to access control. Roles may be available to users at certain time periods, and unavailable at others. Moreover, there can be temporal dependencies among roles. To tackle such dynamic aspects, we introduce TemporalRBAC (TRBAC), an extension of the RBAC model. TRBAC supports periodic role enabling and disabling—possibly with individual exceptions for particular users— and temporal dependencies among such actions, expressed by means of role triggers. Role trigger actions may be either immediately executed, or deferred by an explicitly specified amount of time. Enabling and disabling actions may be given a priority, which is used to solve conflicting actions. A formal semantics for the specification language is provided, and a polynomial safeness check is introduced to reject ambiguous or inconsistent specifications. Finally, a system implementing TRBAC on top of a conventional DBMS is presented.
Splitting a Logic Program
 Principles of Knowledge Representation
, 1994
"... In many cases, a logic program can be divided into two parts, so that one of them, the \bottom " part, does not refer to the predicates de ned in the \top " part. The \bottom " rules can be used then for the evaluation of the predicates that they de ne, and the computed va ..."
Abstract

Cited by 294 (16 self)
 Add to MetaCart
(Show Context)
In many cases, a logic program can be divided into two parts, so that one of them, the \bottom &quot; part, does not refer to the predicates de ned in the \top &quot; part. The \bottom &quot; rules can be used then for the evaluation of the predicates that they de ne, and the computed values can be used to simplify the \top &quot; de nitions. We discuss this idea of splitting a program in the context of the answer set semantics. The main theorem shows how computing the answer sets for a program can be simpli ed when the program is split into parts. The programs covered by the theorem may use both negation as failure and classical negation, and their rules may have disjunctive heads. The usefulness of the concept of splitting for the investigation of answer sets is illustrated by several applications. First, we show that a conservative extension theorem by Gelfond and Przymusinska and a theorem on the closed world assumption by Gelfond and Lifschitz are easy consequences of the splitting theorem. Second, (locally) strati ed programs are shown to have a simple characterization in terms of splitting. The existence and uniqueness of an answer set for such a program can be easily derived from this characterization. Third, we relate the idea of splitting to the notion of orderconsistency. 1
Smodels  an Implementation of the Stable Model and WellFounded Semantics for Normal Logic Programs
, 1997
"... The Smodels system is a C++ implementation of the wellfounded and stable model semantics for rangerestricted functionfree normal programs. The system includes two modules: (i) smodels which implements the two semantics for ground programs and (ii) parse which computes a grounded version of a range ..."
Abstract

Cited by 293 (9 self)
 Add to MetaCart
The Smodels system is a C++ implementation of the wellfounded and stable model semantics for rangerestricted functionfree normal programs. The system includes two modules: (i) smodels which implements the two semantics for ground programs and (ii) parse which computes a grounded version of a rangerestricted functionfree normal program. The latter module does not produce the whole set of ground instances of the program but a subset that is sufficient in the sense that no stable models are lost. The implementation of the stable model semantics for ground programs is based on bottomup backtracking search where a powerful pruning method is employed. The pruning method exploits an approximation technique for stable models which is closely related to the wellfounded semantics. One of the advantages of this novel technique is that it can be implemented to work in linear space. This makes it possible to apply the stable model semantics also in areas where resulting programs are highly n...
Logic Programming and Negation: A Survey
 JOURNAL OF LOGIC PROGRAMMING
, 1994
"... We survey here various approaches which were proposed to incorporate negation in logic programs. We concentrate on the prooftheoretic and modeltheoretic issues and the relationships between them. ..."
Abstract

Cited by 272 (8 self)
 Add to MetaCart
We survey here various approaches which were proposed to incorporate negation in logic programs. We concentrate on the prooftheoretic and modeltheoretic issues and the relationships between them.
ASSAT: Computing Answer Sets of a Logic Program by SAT Solvers
 Artificial Intelligence
, 2002
"... We propose a new translation from normal logic programs with constraints under the answer set semantics to propositional logic. Given a normal logic program, we show that by adding, for each loop in the program, a corresponding loop formula to the program’s completion, we obtain a onetoone corresp ..."
Abstract

Cited by 259 (7 self)
 Add to MetaCart
(Show Context)
We propose a new translation from normal logic programs with constraints under the answer set semantics to propositional logic. Given a normal logic program, we show that by adding, for each loop in the program, a corresponding loop formula to the program’s completion, we obtain a onetoone correspondence between the answer sets of the program and the models of the resulting propositional theory. In the worst case, there may be an exponential number of loops in a logic program. To address this problem, we propose an approach that adds loop formulas a few at a time, selectively. Based on these results, we implement a system called ASSAT(X), depending on the SAT solver X used, for computing one answer set of a normal logic program with constraints. We test the system on a variety of benchmarks including the graph coloring, the blocks world planning, and Hamiltonian Circuit domains. Our experimental results show that in these domains, for the task of generating one answer set of a normal logic program, our system has a clear edge over the stateofart answer set programming systems Smodels and DLV. 1 1
The Alternating Fixpoint of Logic Programs with Negation
, 1995
"... The alternating fixpoint of a logic program with negation is defined constructively. The underlying idea is monotonically to build up a set of negative conclusions until the least fixpoint is reached, using a transformation related to the one that defines stable models. From a fixed set of negative ..."
Abstract

Cited by 243 (3 self)
 Add to MetaCart
The alternating fixpoint of a logic program with negation is defined constructively. The underlying idea is monotonically to build up a set of negative conclusions until the least fixpoint is reached, using a transformation related to the one that defines stable models. From a fixed set of negative conclusions, the positive conclusions follow (without deriving any further negative ones), by traditional Horn clause semantics. The union of positive and negative conclusions is called the alternating xpoint partial model. The name "alternating" was chosen because the transformation runs in two passes; the first pass transforms an underestimate of the set of negative conclusions into an (intermediate) overestimate; the second pass transforms the overestimate into a new underestimate; the composition of the two passes is monotonic. The principal contributions of this work are (1) that the alternating fixpoint partial model is identical to the wellfounded partial model, and (2) that alternating xpoint logic is at least as expressive as xpoint logic on all structures. Also, on finite structures, fixpoint logic is as expressive as alternating fixpoint logic.
Logic Programming and Knowledge Representation
 Journal of Logic Programming
, 1994
"... In this paper, we review recent work aimed at the application of declarative logic programming to knowledge representation in artificial intelligence. We consider exten sions of the language of definite logic programs by classical (strong) negation, disjunc tion, and some modal operators and sh ..."
Abstract

Cited by 242 (20 self)
 Add to MetaCart
In this paper, we review recent work aimed at the application of declarative logic programming to knowledge representation in artificial intelligence. We consider exten sions of the language of definite logic programs by classical (strong) negation, disjunc tion, and some modal operators and show how each of the added features extends the representational power of the language.
Delegation Logic: A Logicbased Approach to Distributed Authorization
 ACM Transactions on Information and System Security
, 2000
"... We address the problem of authorization in largescale, open... ..."
Abstract

Cited by 242 (14 self)
 Add to MetaCart
(Show Context)
We address the problem of authorization in largescale, open...