A modal logic for information system security
Abstract
As a security mechanism, authorization or access control ensures that all accesses to the system resources occur exclusively according to the access polices and rules specified by the systemsecurity agent. Authorization specification has been extensively studied and a variety of approaches have been investigated. In this paper, we propose a knowledge oriented formal language to specify the system security policies and their reasoning in response to system resource access request. The semantics of our language is provided by translating our language into epistemic logic program in which knowledge related modal operators are employed to represent agents' knowledge in reasoning. We demonstrate how our authorization language handles the situation where the security agent's knowledge on access decision is incomplete.
Collections
- Computer Science & Engineering [2402 items ]