Access control via Belnap logic: Intuitive, expressive, and analyzable policy composition

Published: 06 June 2011

Abstract

Access control to IT systems increasingly relies on the ability to compose policies. Hence there is benefit in any framework for policy composition that is intuitive, formal (and so “analyzable” and “implementable”), expressive, independent of specific application domains, and yet able to be extended to create domain-specific instances. Here we develop such a framework based on Belnap logic. An access-control policy is interpreted as a four-valued predicate that maps access requests to either grant, deny, conflict, or unspecified -- the four values of the Belnap bilattice. We define an expressive access-control policy language PBel, having composition operators based on the operators of Belnap logic. Natural orderings on policies are obtained by lifting the truth and information orderings of the Belnap bilattice. These orderings lead to a query language in which policy analyses, for example, conflict freedom, can be specified. Policy analysis is supported through a reduction of the validity of policy queries to the validity of propositional formulas on predicates over access requests. We evaluate our approach through firewall policy and RBAC policy examples, and discuss domain-specific and generic extensions of our policy language.
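The following is an added illustration of the idea sketched in the abstract, not the paper's PBel language or its analysis engine. It encodes the four Belnap values as pairs (evidence for grant, evidence for deny), so that the truth and information orderings and the four bilattice operators become componentwise operations; lifts those operators pointwise to policies; and answers the conflict-freedom query by enumerating a small, constructed request space rather than by the paper's reduction to propositional validity. The rules `admin_rule` and `payroll_freeze`, the `Request` fields, and the conflict-to-deny resolution are assumptions of the example.

```python
"""Added illustration (not the paper's PBel): access-control policies as
four-valued Belnap predicates, composed with Belnap operators and checked
for conflict freedom over a small, constructed request space."""
from dataclasses import dataclass
from itertools import product
from typing import Callable, Dict, Iterable, List, Tuple

# A Belnap value is a pair (evidence for grant, evidence for deny).
# This encoding is an assumption of the example, chosen so that the
# bilattice operators become componentwise combinations of the two parts.
Value = Tuple[bool, bool]
UNSPECIFIED: Value = (False, False)   # bottom of the information order
GRANT: Value = (True, False)
DENY: Value = (False, True)
CONFLICT: Value = (True, True)        # top of the information order
NAMES: Dict[Value, str] = {UNSPECIFIED: "unspecified", GRANT: "grant",
                           DENY: "deny", CONFLICT: "conflict"}

# Truth order: deny <=t unspecified, conflict <=t grant (b is "more granting").
def truth_le(a: Value, b: Value) -> bool:
    return a[0] <= b[0] and a[1] >= b[1]

# Information order: unspecified <=k grant, deny <=k conflict (b knows at least what a knows).
def info_le(a: Value, b: Value) -> bool:
    return a[0] <= b[0] and a[1] <= b[1]

def meet_t(a: Value, b: Value) -> Value:   # truth meet: both must grant
    return (a[0] and b[0], a[1] or b[1])

def join_t(a: Value, b: Value) -> Value:   # truth join: either may grant
    return (a[0] or b[0], a[1] and b[1])

def meet_k(a: Value, b: Value) -> Value:   # information meet: consensus only
    return (a[0] and b[0], a[1] and b[1])

def join_k(a: Value, b: Value) -> Value:   # information join: gather all evidence
    return (a[0] or b[0], a[1] or b[1])

def neg(a: Value) -> Value:                # negation swaps grant and deny evidence
    return (a[1], a[0])

@dataclass(frozen=True)
class Request:
    role: str
    action: str
    resource: str

Policy = Callable[[Request], Value]

def lift(op: Callable[[Value, Value], Value]) -> Callable[[Policy, Policy], Policy]:
    """Lift a bilattice operator on values to a composition operator on policies."""
    return lambda p, q: (lambda r: op(p(r), q(r)))

gather = lift(join_k)      # collect every decision; grant + deny becomes conflict
consensus = lift(meet_k)   # keep only decisions both policies agree on

# Two constructed policies (hypothetical rules, not from the paper).
def admin_rule(r: Request) -> Value:
    return GRANT if r.role == "admin" else UNSPECIFIED

def payroll_freeze(r: Request) -> Value:
    return DENY if (r.resource == "payroll" and r.action == "write") else UNSPECIFIED

def resolve_conflicts_as_deny(p: Policy) -> Policy:
    """Domain-specific resolution: map the conflict value to deny (an assumption)."""
    return lambda r: DENY if p(r) == CONFLICT else p(r)

# Finite, constructed request space used to evaluate policy queries by enumeration.
REQUESTS: List[Request] = [Request(*t) for t in product(
    ("admin", "staff"), ("read", "write"), ("payroll", "wiki"))]

def conflicts(p: Policy, requests: Iterable[Request] = REQUESTS) -> List[Request]:
    """Conflict-freedom query: the requests on which p yields conflict (empty = free)."""
    return [r for r in requests if p(r) == CONFLICT]

def policy_le(p: Policy, q: Policy, order=info_le, requests=REQUESTS) -> bool:
    """Pointwise lifting of a bilattice order (truth or information) to policies."""
    return all(order(p(r), q(r)) for r in requests)

if __name__ == "__main__":
    combined = gather(admin_rule, payroll_freeze)
    for r in REQUESTS:
        print(r, "->", NAMES[combined(r)])
    print("conflicts:", conflicts(combined))
    print("after resolution:", conflicts(resolve_conflicts_as_deny(combined)))
```

Gathering the two rules with the information join reports exactly one conflicting request (an admin writing payroll), which is what a conflict-freedom check is meant to surface before deployment; the consensus composition never produces a conflict but leaves that request unspecified, and a resolution step such as mapping conflict to deny is a separate, domain-specific choice rather than part of the logic.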

Published in

ACM Transactions on Information and System Security, Volume 14, Issue 1 (May 2011), 366 pages
ISSN: 1094-9224
EISSN: 1557-7406
DOI: 10.1145/1952982
Copyright © 2011 ACM
Publisher: Association for Computing Machinery, New York, NY, United States

Publication History

  • Published: 6 June 2011
  • Accepted: 1 August 2010
  • Revised: 1 June 2010
  • Received: 1 September 2009

Qualifiers

  • research-article
  • Research
  • Refereed