Steve Barker
King's College London
Publication
Featured research published by Steve Barker.
Lecture Notes in Computer Science | 2006
Steve Barker; Maribel Fernández
We demonstrate how access control models and policies can be represented by using term rewriting systems, and how rewriting may be used for evaluating access requests and for proving properties of an access control policy. We focus on two kinds of access control models: discretionary models, based on access control lists (ACLs), and role-based access control (RBAC) models. For RBAC models, we show that we can specify several variants, including models with role hierarchies, and constraints and support for security administrator review querying.
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security | 2007
Clara Bertolissi; Maribel Fernández; Steve Barker
Despite the widespread adoption of Role-based Access Control (RBAC) models, new access control models are required for new applications for which RBAC may not be especially well suited and for which implementations of RBAC do not enable properties of access control policies to be adequately defined and proven. To address these issues, we propose a form of access control model that is based upon the key notion of an event. The access control model that we propose is intended to permit the representation of access control requirements in a distributed and changing computing environment, the proving of properties of access control policies defined in terms of our model, and direct implementations for access control checking.
Symposium on Access Control Models and Technologies | 2010
Steve Barker
We address the problem of providing data subjects with self-selected controls on access to their personal information. Existing approaches for this are not always sufficient in terms of offering the degrees of control and scope for individualization of access policies that are needed for personal data protection (and usage). We introduce a conceptual framework, a syntax, a semantics, and an axiomatization of a generalized form of access control meta-model, which may be specialized in various ways to enable data subjects to specify flexibly what access controls are to apply on their personal data.
Studia Logica | 2009
Steve Barker; Guido Boella; Dov M. Gabbay; Valerio Genovese
The issue of representing access control requirements continues to demand significant attention. The focus of researchers has traditionally been on developing particular access control models and policy specification languages for particular applications. However, this approach has resulted in an unnecessary surfeit of models and languages. In contrast, we describe a general access control model and a logic-based specification language from which both existing and novel access control models may be derived as particular cases and from which several approaches can be developed for domain-specific applications. We will argue that our general framework has a number of specific attractions and an implication of our work is to encourage a methodological shift from a study of the particulars of access control to its generalities.
IEEE Transactions on Dependable and Secure Computing | 2012
Steve Barker; Valerio Genovese
We describe an approach that aims to unify certain aspects of access control and privacy. Our unified approach is based on the idea of axiomatizing access control in general terms. We show how multiple access control and privacy models and policies can be uniformly represented as particular logical theories in our axiom system. We show that our approach translates into different practical languages for implementation and we give some performance measures for some candidate implementations of our approach.
Logic Programs, Norms and Action | 2012
Steve Barker
We show how core concepts in access control can be represented in axiomatic terms and how multiple access control models and policies can be uniformly represented as particular logical theories in the axiom system that we introduce. Authorization policies are represented in our framework by using a form of answer set programming. We describe the motivations for our approach and we consider how properties of policies can be proven in our scheme.
Proceedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security | 2008
Steve Barker
Standard SQL is insufficiently expressive for representing many access control policies that are needed in practice. Nevertheless, we show how rich forms of access control policies can be defined within SQL when small amounts of contextual information are available to query evaluators. Rather than the standard, relational structure perspective that has been adopted for fine-grained access control, we consider instead the representation of dynamic fine-grained access control (DFMAC) policy requirements at the access policy level. We also show how DFMAC policies may be represented in SQL and we give some performance results for an implementation of our approach.
International Conference on Logic Programming | 2002
Steve Barker
We show how logic programs may be used to protect deductive databases from the unauthorized retrieval of positive and negative information, and from unauthorized insert and delete requests. To achieve this protection, a deductive database is expressed in a form that is guaranteed to permit only authorized access requests to be performed. The protection of the positive information that may be retrieved from a database and the information that may be inserted are treated in a uniform way as is the protection of the negative information in the database, and the information that may be deleted.
International Conference on Logic Programming | 2011
Steve Barker; Valerio Genovese
We describe an approach for distributed access control policies that is based on a nonmonotonic semantics and the use of logic programming for policy specification and the evaluation of access requests. Our approach allows assertions of relevance to access control to be made by individual agents or on a community-based level and different strengths of testimonial warrant may be distinguished by using various logical operators. We describe a form of ASP that allows for remote access request evaluation and we discuss a DLV-based implementation of our approach.
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy | 2011
Guillaume Aucher; Steve Barker; Guido Boella; Valerio Genovese; Leendert W. N. van der Torre
In this paper we first introduce a logic for describing formally a family of delegation and revocation models that are based on the work in Hagstrom et al. We then extend our logic to accommodate an epistemic interpretation of trust within the framework that we define. What emerges from this work is a rich framework of formally well-defined delegation and revocation schemes that accommodates an important trust component.