We present a declarative authorization language that strikes a careful balance between syntactic and semantic simplicity, policy expressiveness, and execution efficiency. The syntax is close to natural language, and the semantics consists of just three deduction rules. The language can express many common policy idioms using constraints, controlled delegation, recursive predicates, and negated queries. We describe an execution strategy based on translation to Datalog with Constraints, and table-based resolution. We show that this execution strategy is sound, complete, and always terminates, despite recursion and negation, as long as simple syntactic conditions are met.

By using or providing feedback on the SecPAL Specification (comprised of the SecPAL formal model, SecPAL Schema Specification, and SecPAL Schema) (“Specification”), you agree to the following terms and conditions: • Microsoft hereby grants you permission to copy and review the Specification (a) as a reference to assist you in planning and designing your implementation of the Specification and (b) to provide feedback on the Specification to Microsoft. You may not modify, create derivative works from, subset, or extend the Specification. • Provided that you comply with all the terms of use for the Specification, Microsoft agrees to grant you a royalty-free license under reasonable and non-discriminatory terms and conditions to Microsoft patents that Microsoft deems necessary to implement the Specification. You must comply with and implement all normative portions of the Specification in its entirety; you may not elect to implement only portions of the Specification. Unless otherwise specifically mentioned all sections of the Specification should be considered normative. • You have no obligation to give Microsoft any suggestions, comments or other feedback (“Feedback”) relating to the Specification. If you do give Microsoft Feedback on the Specification, You agree: (a) Microsoft may freely use, reproduce, license, distribute, and otherwise commercialize Your Feedback in any Microsoft product or service offering; (b) you also grant third parties, without charge, only those patent rights necessary to implement those portions of the Specification that incorporate your Feedback; and (c) you will not give Microsoft any Feedback (i) that you have reason to believe is subject to any patent, copyright or other intellectual property claim or right of any third party; or (ii) subject to license terms which seek to require any Microsoft product offering incorporating or derived from such Feedback, or other Microsoft intellectual property, to be licensed to or otherwise shared with any third party.

Many access control models and policies have been proposed in recent years for different purposes. Access control is now evolving with the complex environments that it support. In open environments such as the Internet, the decision to grant access to a resource is often based on the characteristics of the requestor rather than its identity. Also, people have often little control over their personal information once it has been disclosed to third parties. Privacy and secondary usage regulations are increasingly demanding attention. In this paper, we present the emerging trends in the access control field to address the new needs and desiderata of today's systems

Security policies, in particular access control, are fundamental elements of computer security. We address the problem of authoring and analyzing policies in a modular way using techniques developed in the field of term rewriting, focusing especially on the use of rewriting strategies. Term rewriting supports a formalization of access control with a clear declarative semantics based on equational logic and an operational semantics guided by strategies. Wellestablished term rewriting techniques allow us to check properties of policies such as the absence of conflicts and the property of always returning a decision. A rich language for expressing rewriting strategies is used to define a theory of modular construction of policies in which we can better understand the preservation of properties of policies under composition. The robustness of the approach is illustrated on the composition operators of XACML.

Abstract not found