Valerio Genovese

Fibred Security Language

We study access control policies based on the says operator by introducing a logical framework called Fibred Security Language (FSL) which is able to deal with features like joint responsibility between sets of principals and to identify them by means of first-order formulas. FSL is based on a multimodal logic methodology. We first discuss the main contributions from the expressiveness point of view, we give semantics for the language both for classical and intuitionistic fragment), we then prove that in order to express well-known properties like ‘speaks-for’ or ‘hand-off’, defined in terms of says, we do not need second-order logic (unlike previous approaches) but a decidable fragment of first-order logic suffices. We propose a model-driven study of the says axiomatization by constraining the Kripke models in order to respect desirable security properties, we study how existing access control logics can be translated into FSL and we give completeness for the logic.

How to Program Organizations and Roles in the JADE Framework

The organization metaphor is often used in the design and implementation of multiagent systems. However, few agent programming languages provide facilities to define them. Several frameworks are proposed to coordinate MAS with organizations, but they are not programmable with general purpose languages. In this paper we extend the JADE framework with primitives to program in Java organizations structured in roles, and to enable agents to play roles in organizations. Roles facilitate the coordination of agents inside an organization and offer new abilities (powers) in the context of organizations to the agents which satisfy the requirementsnecessary to play the roles. To program organizations and roles, we provide primitives which enable an agent to enact a new role in an organization to invoke powers.

Embedding and automating conditional logics in classical higher-order logic

A sound and complete embedding of conditional logics into classical higher-order logic is presented. This embedding enables the application of off-the-shelf higher-order automated theorem provers and model finders for reasoning within and about conditional logics.

Countermodels from Sequent Calculi in Multi-Modal Logics

A novel countermodel-producing decision procedure that applies to several multi-modal logics, both intuitionistic and classical, is presented. Based on backwards search in labeled sequent calculi, the procedure employs a novel termination condition and countermodel construction. Using the procedure, it is argued that multi-modal variants of several classical and intuitionistic logics including K, T, K4, S4 and their combinations with D are decidable and have the finite model property. At least in the intuitionistic multi-modal case, the decidability results are new. It is further shown that the countermodels produced by the procedure, starting from a set of hypotheses and no goals, characterize the atomic formulas provable from the hypotheses.

Higher-Order Coalition Logic

We introduce and study higher-order coalition logic, a multi modal monadic second-order logic with operators [{x}ψ]φ expressing that the coalition of all agents satisfying ψ(x) can achieve a state in which φ holds. We use neighborhood semantics to model extensive games of perfect information with simultaneous actions and we provide a framework reasoning about agents in the same way as it is reasoning about their abilities. We illustrate higher-order coalition logic to represent and reason about coalition formation and cooperation, we show a more general and expressive way to quantify over coalitions than quantified coalition logic, we give an axiomatization and prove completeness.

A constructive conditional logic for access control: a preliminary report

We define an Intuitionistic Conditional Logic for Access Control called CICL. The logic CICL is based on a conditional language allowing principals to be defined as arbitrary formulas and it includes few uncontroversial axioms of access control logics. We provide an axiomatization and a Kripke model semantics for the logic CICL, and we prove that the axiomatization is sound and complete with respect to the semantics.

A Meta-model of Access Control in a Fibred Security Language

The issue of representing access control requirements continues to demand significant attention. The focus of researchers has traditionally been on developing particular access control models and policy specification languages for particular applications. However, this approach has resulted in an unnecessary surfeit of models and languages. In contrast, we describe a general access control model and a logic-based specification language from which both existing and novel access control models may be derived as particular cases and from which several approaches can be developed for domain-specific applications. We will argue that our general framework has a number of specific attractions and an implication of our work is to encourage a methodological shift from a study of the particulars of access control to its generalities.

Logics in access control: a conditional approach

The paper introduces a framework based on constructive conditional logics to define axiomatization, semantics and proof methods for access control logics. We formalize the well known says operator as a conditional normal modality and, by considering some specific combinations of access control axioms, we define four access control logics, namely, CondUC ACL , Cond U4 ACL , CondIC ACL and Cond I4 ACL . Such logics integrate access control logics with intuitionistic conditional logics and provide a natural formulation of boolean principals. The well known “speaks for” operator introduced in the logic ABLP is defined on the top of the says modality. We provide a Kripke model semantics for the logics and we prove that their axiomatization is sound and complete with respect to the semantics. Also, we develop sound, complete, cut-free sequent calculi for them. For the logic CondUC ACL , which (as concerns atomic principals) is slightly stronger than the logic ICL recently introduced by Garg and Abadi, we also provide a terminating sequent calculus, thus proving that the logic is decidable and that validity in CondUC ACL is in PSPACE.

Labeled Sequent Calculi for Access Control Logics: Countermodels, Saturation and Abduction

We show that Kripke semantics of modal logic, manifest in the syntactic proof formalism of labeled sequent calculi, can be used to solve three central problems in access control: Generating evidence for denial of access (counter model generation), finding all consequences of a policy (saturation) and determining which additional credentials will allow an access (abduction). At the core of our work is a single, non-trivial, counter model producing decision procedure for a specific access control logic. The procedure is based on backwards search in a labeled sequent calculus for the logic. Modifications of the calculus yield a procedure for abduction and, surprisingly, for saturation.

Access Control with Privacy Enhancements a Unified Approach

We describe an approach that aims to unify certain aspects of access control and privacy. Our unified approach is based on the idea of axiomatizing access control in general terms. We show how multiple access control and privacy models and policies can be uniformly represented as particular logical theories in our axiom system. We show that our approach translates into different practical languages for implementation and we give some performance measures for some candidate implementations of our approach.