Reasoning about the consequences of authorization policies in a linear epistemic logic

Reasoning about the consequences of authorization policies in a linear epistemic logic (2009)

Cached

Download Links

by Henry DeYoung , Frank Pfenning

Citations:

BibTeX

@TECHREPORT{DeYoung09reasoningabout,
    author = {Henry DeYoung and Frank Pfenning},
    title = { Reasoning about the consequences of authorization policies in a linear epistemic logic},
    institution = {},
    year = {2009}
}

Bookmark

OpenURL

Abstract

Authorization policies are not stand-alone objects: they are used to selectively permit actions that change the state of a system. Thus, it is desirable to have a framework for reasoning about the semantic consequences of policies. To this end, we extend a rewriting interpretation of linear logic with connectives for modeling affirmation, knowledge, and possession. To cleanly confine semantic effects to the rewrite sequence, we introduce a monad. The result is a richly expressive logic that elegantly integrates policies and their effects. After presenting this logic and its metatheory, we demonstrate its utility by proving properties that relate a simple file system’s policies to their semantic consequences.

Citations

651	Notions of computation and monads - Moggi - 1991
541	Linear Logic - Girard - 1987
315	A calculus for access control in distributed systems - Abadi, Burrows, et al. - 1993
290	Logic programming with focusing proofs in linear logic - Andreoli - 1992
191	Semantical considerations on Floyd-Hoare logic - Pratt - 1976
161	Proof-carrying authentication - Appel, Felten - 1999
138	Proving properties of security protocols by induction - Paulson - 1997
134	A.: A metanotation for protocol analysis - Cervesato, Durgin, et al. - 1999
117	On the meanings of the logical constants and the justifications of the logical laws - Martin-Löf - 1996
53	Propositional lax logic - Fairtlough, Mendler - 1997
52	Access control in a core calculus of dependency - Abadi
51	Computational types from a logical perspective - Benton, Bierman, et al. - 1998
37	Access Control for the Web via Proof-Carrying Authorization - BAUER
37	Monadic Concurrent Linear Logic Programming - López, Pfenning, et al. - 2005
30	Typed MSR: Syntax and Examples - Cervesato
29	Focussing and proof construction - Andreoli
22	Breaking and fixing publickey Kerberos - Cervesato, Jaggard, et al. - 2008
19	The Dolev-Yao Intruder is the Most Powerful Attacker - Cervesato - 2001
18	A machine checkable logic of knowledge for specifying security properties of electronic commerce protocols - Clarke, Jha, et al. - 1998
13	and Itay Neeman. DKAL: Distributed-knowledge authorization language - Gurevich - 2008
12	Dkal: Distributed-knowledge authorization language - GUREVICH, I
12	Logic, Theoretical Computer Science 50 - Girard, Linear - 1987
12	A linear logic of affirmation and knowledge - Garg, Bauer, et al. - 2006
10	Focussing and proof construction. Annals Pure Applied Logic - Andreoli - 2001
10	Relating multiset rewriting and process algebras for security protocol analysis - Bistarelli, Cervesato, et al. - 2005
10	Data access specification and the most powerful symbolic attacker in MSR - Cervesato - 2002
9	R.J.: Substructural operational semantics as ordered logic programming - Pfenning, Simmons - 2009
7	Relating state-based and process-based concurrency through linear logic (full-version - Cervesato, Scedrov
7	A secure compiler for session abstractions - Corin, Deniélou, et al.
6	Variations in Access Control Logic - ABADI - 2008