Abstract
A policy describes the conditions under which an action is permitted or forbidden. We show that a fragment of (multi-sorted) first-order logic can be used to represent and reason about policies. Because we use first-order logic, policies have a clear syntax and semantics. We show that further restricting the fragment results in a language that is still quite expressive yet is also tractable. More precisely, questions about entailment, such as “May Alice access the file?”, can be answered in time that is a low-order polynomial (indeed, almost linear in some cases), as can questions about the consistency of policy sets.
Using First-Order Logic to Reason about Policies