On transformation of authorization policies | Macquarie University ResearchOnline

Home

Please use this identifier to cite or link to this item: http://hdl.handle.net/1959.14/8459

11 Visitors

12 Hits

0 Downloads

Title: On transformation of authorization policies
Related: Data and knowledge engineering, Vol. 45, Issue 3, p.333-357
DOI: 10.1016/S0169-023X(02)00194-5
Publisher: Elsevier
Date: 2003
Author/Creator: Bai, Yun
Author/Creator: Varadharajan, Vijay
Description: In this paper, we propose a logic based approach to specify and to reason about transformation of authorization policies. The authorization policy is specified using a policy base which comprises a finite set of facts and access constraints. We define the structure of the policy transformation and employ a model-based semantics to perform the transformation under the principle of minimal change. Furthermore, we extend model-based semantics by introducing preference ordering to resolve possible conflicts during transformation of policies. We also discuss the implementation of the model-based transformation approach and analyse the complexity of the algorithms introduced. Our system is able to represent both implicit and incomplete authorization requirements and reason about nonmonotonic properties.
Description: 25 page(s)
Subject Keyword: logic based specification
Subject Keyword: security
Subject Keyword: authorization policy
Subject Keyword: transformations
Resource Type: journal article
Organisation: Macquarie University. Dept. of Computing

Macquarie University ResearchOnline