Modular Access Control via Strategic Rewriting

Daniel J. Dougherty Claude Kirchner 1, 2 Hélène Kirchner 1, 2 Anderson Santana de Oliveira 1
1 PROTHEO - Constraints, automatic deduction and software properties proofs
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : Security policies, in particular access control, are fundamental elements of computer security. We address the problem of authoring and analyzing policies in a modular way using techniques developed in the field of term rewriting, focusing especially on the use of rewriting strategies. Term rewriting supports a formalization of access control with a clear declarative semantics based on equational logic and an operational semantics guided by strategies. Well-established term rewriting techniques allow us to check properties of policies such as completeness and the absence of conflicts. A rich language for expressing rewriting strategies is used to define a theory of modular construction of policies in which we can better understand the preservation of properties of policies under composition. The robustness of the approach is illustrated on the composition operators of XACML.
Type de document :
Communication dans un congrès
Joachim Biskup, Javier Lopez. 12th European Symposium On Research In Computer Security - ESORICS 2007, Sep 2007, Dresden, Germany. Springer Berlin / Heidelberg, 4734, pp.578-593, 2007, Lecture Notes in Computer Science. 〈10.1007/978-3-540-74835-9_38〉
Liste complète des métadonnées

https://hal.inria.fr/inria-00185697
Contributeur : Anderson Santana de Oliveira <>
Soumis le : mardi 6 novembre 2007 - 17:32:16
Dernière modification le : jeudi 11 janvier 2018 - 06:19:58

Lien texte intégral

Identifiants

Collections

Citation

Daniel J. Dougherty, Claude Kirchner, Hélène Kirchner, Anderson Santana de Oliveira. Modular Access Control via Strategic Rewriting. Joachim Biskup, Javier Lopez. 12th European Symposium On Research In Computer Security - ESORICS 2007, Sep 2007, Dresden, Germany. Springer Berlin / Heidelberg, 4734, pp.578-593, 2007, Lecture Notes in Computer Science. 〈10.1007/978-3-540-74835-9_38〉. 〈inria-00185697〉

Partager

Métriques

Consultations de la notice

140