Entry Becker:2010:LSM from tissec.bib
Last update: Sun Oct 15 02:58:48 MDT 2017
Top |
Symbols |
Numbers |
Math |
A |
B |
C |
D |
E |
F |
G |
H |
I |
J |
K |
L |
M |
N |
O |
P |
Q |
R |
S |
T |
U |
V |
W |
X |
Y |
Z
BibTeX entry
@Article{Becker:2010:LSM,
author = "Moritz Y. Becker and Sebastian Nanz",
title = "A logic for state-modifying authorization policies",
journal = j-TISSEC,
volume = "13",
number = "3",
pages = "20:1--20:??",
month = jul,
year = "2010",
CODEN = "ATISBQ",
DOI = "https://doi.org/10.1145/1805974.1805976",
ISSN = "1094-9224 (print), 1557-7406 (electronic)",
ISSN-L = "1094-9224",
bibdate = "Wed Jul 28 14:57:15 MDT 2010",
bibsource = "http://portal.acm.org/;
http://www.math.utah.edu/pub/tex/bib/tissec.bib",
abstract = "Administering and maintaining access control systems
is a challenging task, especially in environments with
complex and changing authorization requirements. A
number of authorization logics have been proposed that
aim at simplifying access control by factoring the
authorization policy out of the hard-coded resource
guard. However, many policies require the authorization
state to be updated after a granted access request, for
example, to reflect the fact that a user has activated
or deactivated a role. Current authorization languages
cannot express such state modifications; these still
have to be hard-coded into the resource guard. We
present a logic for specifying policies where access
requests can have effects on the authorization state.
The logic is semantically defined by a mapping to
Transaction Logic. Using this approach, updates to the
state are factored out of the resource guard, thus
enhancing maintainability and facilitating more
expressive policies that take the history of access
requests into account. We also present a sound and
complete proof system for reasoning about sequences of
access requests. This gives rise to a goal-oriented
algorithm for finding minimal sequences that lead to a
specified target authorization state.",
acknowledgement = ack-nhfb,
articleno = "20",
fjournal = "ACM Transactions on Information and System Security",
journal-URL = "http://portal.acm.org/browse_dl.cfm?idx=J789",
keywords = "access control; Authorization; Hoare logic; policy",
}
Related entries
- account,
13(3)24,
15(3)13,
18(1)1,
18(4)12
- activated,
10(1)2
- administering,
2(1)34
- aim,
10(3)12,
11(3)13,
12(1)4,
15(3)13,
17(3)12
- algorithm,
1(1)26,
2(1)3,
2(1)65,
2(1)105,
2(3)295,
9(2)162,
9(4)391,
9(4)421,
10(1)4,
10(4)3,
11(1)4,
11(3)12,
12(2)8,
12(3)17,
12(4)20,
13(1)10,
13(3)22,
13(3)24,
13(3)26,
13(3)27,
13(3)28,
13(4)36,
13(4)41,
14(1)3,
14(1)13,
14(3)25,
15(3)11,
15(4)15,
15(4)17,
16(1)4,
17(3)11,
17(4)13,
18(1)1,
18(1)4,
18(4)14
- approach,
1(1)3,
1(1)26,
2(1)34,
2(2)138,
2(3)269,
2(3)295,
5(2)119,
5(3)203,
6(1)128,
7(3)392,
9(4)391,
9(4)421,
10(1)2,
10(1)4,
10(3)11,
10(3)12,
10(4)4,
11(1)3,
11(3)15,
11(3)16,
11(4)17,
11(4)19,
12(1)1,
12(1)4,
12(2)11,
12(3)14,
13(3)24,
13(4)31,
13(4)35,
13(4)36,
14(1)8,
14(3)23,
14(4)29,
15(1)4,
15(3)12,
15(3)13,
15(4)15,
15(4)17,
15(4)18,
16(2)5,
16(2)7,
16(2)8,
16(4)15,
16(4)16,
17(3)12,
17(4)14,
18(2)5,
18(2)7,
18(3)11
- authorization,
1(1)26,
2(1)34,
2(1)65,
2(1)105,
2(2)177,
3(4)207,
4(4)453,
5(1)62,
6(1)128,
6(4)566,
7(2)175,
7(3)363,
10(4)2,
11(1)2,
11(1)3,
11(1)4,
12(1)6,
12(2)8,
12(3)15,
13(3)25,
13(4)40,
14(1)3,
14(1)8,
14(3)23,
15(3)13,
17(2)5
- been,
1(1)93,
2(3)269,
2(3)332,
10(1)2,
10(3)12,
10(4)4,
11(1)2,
11(4)17,
11(4)22,
11(4)23,
12(1)1,
12(1)2,
12(3)17,
13(3)27,
13(4)36,
13(4)39,
14(1)3,
14(1)13,
14(1)14,
14(3)27,
14(4)28,
15(2)10,
16(3)10,
16(4)14,
17(1)3,
17(3)12,
17(4)14,
17(4)15,
17(4)16,
18(2)7,
18(4)14
- cannot,
1(1)66,
2(2)177,
10(2)7,
11(3)12,
11(3)13,
12(1)5,
12(2)9,
12(3)14,
13(4)39,
14(3)27,
15(2)6,
15(2)9,
15(4)17,
16(1)3,
16(4)16
- challenging,
9(4)391,
10(4)3,
11(3)14,
12(1)2,
13(3)27,
15(2)9,
17(1)4
- changing,
12(1)1,
15(3)13
- coded, hard-,
12(1)4
- complete,
10(1)4,
10(2)5,
10(4)2,
11(2)5,
12(1)1,
12(3)17,
13(3)27,
13(4)40,
14(4)31,
15(4)18
- complex,
10(1)4,
12(3)14,
13(3)24,
14(1)13,
16(3)10,
16(4)17
- current,
2(1)34,
2(1)65,
2(2)177,
2(4)390,
11(4)18,
11(4)20,
11(4)22,
12(2)8,
12(2)10,
13(4)35,
15(3)12,
16(3)10,
16(4)13,
16(4)16,
17(1)1,
17(1)2,
17(2)6,
17(3)9
- defined,
2(1)105,
12(1)1,
13(1)10,
13(3)26,
14(3)25,
15(2)6,
16(1)4,
16(2)5,
17(1)3
- effect,
10(4)1,
11(2)3,
12(3)17,
13(1)10,
14(1)10,
15(3)12,
17(1)1
- enhancing,
16(3)9
- environments,
4(4)407,
7(3)392,
11(1)2,
11(3)14,
11(4)22,
12(3)15,
13(3)25,
13(4)32,
13(4)37,
13(4)38,
15(2)9,
18(3)11
- especially,
2(1)105,
11(2)1,
11(3)15,
11(4)17,
12(3)15,
12(4)21,
15(2)9,
16(2)5,
17(4)16
- example,
10(4)5,
12(1)1,
12(2)11,
12(3)19,
12(4)20,
13(4)30,
13(4)35,
13(4)39,
13(4)40,
15(2)10,
16(1)3,
16(2)5,
16(3)10,
17(1)2,
17(1)4,
18(1)1,
18(2)8,
18(4)13
- express,
2(1)65,
13(3)26
- expressive,
1(1)93,
11(4)21,
12(1)1,
13(3)28,
14(1)8,
14(1)9,
15(3)13,
16(4)17,
17(1)2
- facilitating,
17(3)12
- fact,
11(4)19,
11(4)22,
15(3)12,
18(1)2
- factoring,
11(2)6
- finding,
12(2)10,
13(1)10,
15(2)7,
15(4)15,
16(1)4,
17(4)14,
18(1)1,
18(4)13
- give,
9(4)391,
10(4)6,
11(2)4,
11(3)13,
11(4)22,
12(1)2,
12(1)6,
13(3)21,
13(4)39,
14(3)26,
16(1)3,
18(1)1
- guard,
4(3)289,
13(3)28
- hard-coded,
12(1)4
- has,
1(1)93,
2(1)105,
2(2)138,
2(3)230,
2(3)269,
2(3)332,
9(4)391,
10(1)3,
10(1)4,
10(3)10,
11(1)2,
11(2)2,
11(3)14,
11(4)17,
11(4)19,
11(4)22,
11(4)23,
12(1)2,
12(2)9,
12(2)10,
12(3)15,
12(4)22,
13(3)25,
13(3)26,
13(3)27,
13(3)28,
13(4)36,
14(1)3,
14(1)12,
14(1)14,
14(3)26,
14(4)28,
15(1)2,
15(2)6,
15(2)10,
15(3)12,
16(2)8,
16(4)14,
17(1)2,
17(1)3,
17(3)9,
17(3)11,
17(4)14,
17(4)15,
17(4)16,
18(2)7,
18(3)11,
18(4)14
- have,
1(1)66,
1(1)93,
2(1)65,
2(2)138,
2(3)230,
2(3)269,
10(1)2,
10(1)4,
10(2)5,
10(3)10,
10(3)12,
10(4)4,
10(4)5,
10(4)6,
11(1)2,
11(2)1,
11(2)5,
11(3)15,
11(3)16,
11(4)17,
11(4)18,
11(4)21,
12(1)1,
12(1)2,
12(2)10,
12(2)13,
12(3)15,
12(3)16,
12(3)17,
12(4)20,
13(3)26,
13(3)27,
13(3)28,
13(4)32,
13(4)36,
13(4)39,
13(4)40,
14(1)6,
14(1)7,
14(1)10,
14(1)13,
14(1)14,
14(3)27,
14(4)28,
14(4)29,
15(2)7,
15(2)9,
15(2)10,
15(3)12,
15(4)18,
16(2)7,
16(2)8,
16(3)10,
16(4)15,
16(4)16,
17(1)3,
17(3)11,
17(3)12,
17(4)13,
17(4)15,
18(1)1,
18(1)3,
18(2)5,
18(2)7,
18(4)13
- history,
9(3)235,
12(1)1,
14(1)2
- however,
2(3)269,
10(2)5,
10(2)8,
11(2)6,
11(3)15,
11(4)18,
11(4)20,
11(4)22,
13(3)22,
13(4)35,
13(4)38,
13(4)39,
14(1)14,
14(3)24,
14(4)28,
14(4)29,
15(2)10,
16(2)7,
16(3)11,
17(1)2,
17(1)4,
17(3)12,
17(4)15,
18(1)1,
18(2)7,
18(4)13
- language,
2(1)65,
9(4)391,
9(4)421,
10(1)3,
10(2)8,
11(1)2,
11(1)4,
11(4)21,
12(1)1,
12(2)12,
13(3)24,
13(3)26,
13(3)28,
14(1)9,
15(1)2,
15(2)8,
16(1)3,
16(3)9,
16(4)17,
17(1)2,
17(1)3
- lead,
1(1)3,
2(1)3,
10(4)4,
10(4)5,
11(4)17,
12(1)2,
13(4)29,
17(1)2,
18(3)10,
18(4)13
- logic,
2(1)3,
2(1)65,
2(3)332,
6(1)128,
6(4)501,
11(4)21,
12(1)1,
14(1)8,
14(1)9,
16(4)17,
17(1)2,
17(2)5,
18(2)7
- maintaining,
2(4)390,
11(2)6,
13(1)5,
16(3)12,
17(4)15
- many,
1(1)93,
2(1)65,
2(2)159,
2(3)332,
10(1)4,
10(4)1,
11(3)13,
11(4)22,
11(4)23,
12(1)2,
12(3)17,
12(3)18,
13(3)22,
13(4)38,
13(4)39,
15(1)4,
15(2)6,
15(2)7,
16(2)5,
16(3)9,
16(4)17,
17(1)4,
17(3)12,
18(1)1,
18(4)13
- mapping,
16(1)2
- minimal,
12(2)8,
12(4)21,
15(2)10,
17(4)16
- modification,
9(4)461,
12(2)8,
12(3)18,
13(3)25,
16(2)6,
18(2)5
- more,
2(1)3,
2(1)65,
2(3)332,
9(2)181,
9(4)391,
9(4)421,
9(4)461,
10(1)4,
10(3)9,
10(4)1,
10(4)4,
10(4)6,
11(2)3,
11(2)4,
11(2)6,
11(3)14,
11(4)21,
12(1)1,
12(2)8,
12(2)10,
12(2)12,
12(2)13,
12(3)18,
13(1)10,
13(3)21,
13(3)22,
13(3)28,
13(4)32,
13(4)34,
13(4)39,
14(3)27,
14(4)31,
15(1)2,
15(1)5,
15(2)8,
15(2)9,
15(3)11,
15(3)12,
15(4)16,
16(1)2,
16(2)8,
16(3)10,
16(3)11,
16(4)17,
17(1)2,
17(1)3,
17(3)9,
17(4)14,
17(4)16,
18(1)1,
18(3)11,
18(4)13
- number,
7(2)319,
9(2)181,
10(1)4,
10(2)5,
10(3)11,
10(3)12,
10(4)5,
11(1)2,
11(2)5,
11(3)12,
11(3)14,
11(3)15,
12(1)1,
12(1)2,
12(1)5,
12(1)6,
12(2)8,
12(2)9,
12(2)13,
12(3)16,
12(3)18,
12(4)21,
13(1)10,
13(3)22,
13(3)25,
13(4)32,
13(4)34,
14(1)11,
14(3)26,
14(4)31,
15(1)4,
15(2)7,
15(2)8,
15(4)15,
16(1)4,
16(2)7,
16(4)14,
16(4)16,
17(3)10,
17(4)16,
18(2)8
- present,
1(1)26,
2(1)3,
2(1)65,
2(2)177,
2(3)230,
2(3)269,
2(3)295,
2(4)354,
7(2)319,
9(2)181,
9(4)461,
10(1)2,
10(2)7,
10(3)10,
10(3)11,
10(3)12,
10(4)2,
10(4)3,
11(1)2,
11(1)4,
11(2)2,
11(2)5,
11(3)14,
11(4)22,
12(1)2,
12(1)4,
12(2)10,
12(2)11,
12(3)14,
12(3)15,
12(3)16,
12(3)17,
12(4)22,
13(1)10,
13(3)22,
13(3)25,
13(3)28,
13(4)29,
13(4)41,
14(1)4,
14(1)5,
14(1)6,
15(1)2,
15(2)6,
15(2)8,
15(2)10,
15(3)12,
15(3)13,
15(4)16,
15(4)18,
16(2)6,
16(2)7,
16(4)13,
16(4)14,
17(1)4,
17(2)6,
17(2)7,
17(2)8,
17(3)9,
17(3)12,
17(4)14,
17(4)15,
17(4)16,
18(1)3,
18(1)4,
18(2)7,
18(3)9,
18(3)10,
18(3)11,
18(4)12,
18(4)14
- proof,
1(1)93,
2(3)230,
2(3)332,
2(4)354,
9(2)181,
10(2)6,
11(3)13,
12(1)3,
12(2)8,
13(3)25,
14(1)12,
15(1)4,
17(1)4,
17(4)15,
18(1)4,
18(2)8
- proposed,
1(1)93,
2(2)138,
2(3)269,
2(4)416,
4(3)224,
9(2)162,
9(4)421,
10(1)2,
10(3)12,
10(4)4,
11(1)2,
11(1)3,
11(2)5,
11(3)14,
11(4)22,
11(4)23,
12(1)2,
12(1)3,
12(3)18,
12(4)21,
13(3)27,
13(3)28,
13(4)36,
13(4)38,
13(4)39,
14(3)24,
14(3)27,
15(1)5,
15(3)11,
15(3)13,
15(4)15,
15(4)17,
16(3)10,
16(3)11,
16(4)14,
16(4)16,
17(1)3,
17(4)14,
18(3)11
- reasoning,
2(3)332,
6(1)71,
7(4)591,
11(3)12,
12(1)4,
12(1)5,
14(1)8,
14(2)16
- reflect,
15(4)15
- request,
1(1)66,
10(1)3,
11(2)3,
14(1)2,
14(1)8,
14(1)9,
16(4)13,
16(4)14,
16(4)17,
17(1)2
- require,
2(3)269,
10(1)2,
11(1)3,
11(2)2,
11(4)22,
12(1)3,
12(1)6,
12(3)16,
12(4)20,
13(3)21,
13(4)29,
13(4)33,
13(4)35,
13(4)40,
14(1)2,
14(3)27,
15(2)6,
15(4)16,
16(4)13,
17(2)5,
17(3)9,
17(3)10,
17(4)16,
18(1)2,
18(4)13
- requirements,
2(2)177,
2(3)295,
10(2)7,
11(1)4,
12(1)1,
12(1)5,
12(2)8,
13(3)22,
15(2)6,
15(3)13,
16(1)4,
17(3)10,
18(1)3,
18(4)13
- resource,
2(3)332,
9(4)391,
10(4)4,
11(1)2,
11(1)3,
11(1)4,
11(2)2,
11(3)14,
11(4)19,
11(4)20,
12(1)1,
12(1)6,
12(4)22,
14(1)7,
14(1)10,
15(4)18,
17(1)2,
17(3)9,
18(2)6
- role,
2(1)3,
2(1)65,
2(1)105,
2(2)177,
9(2)113,
10(1)2,
10(2)5,
10(4)2,
11(1)3,
11(4)20,
12(1)1,
12(3)15,
13(3)27,
13(4)36,
13(4)40,
15(3)13,
15(4)15,
15(4)18
- sequence,
2(3)295,
10(2)8,
13(4)35,
14(4)32,
15(1)2,
15(2)10,
16(2)8
- sound,
10(2)6,
10(4)2,
15(4)18,
16(2)6
- specified,
1(1)26,
9(4)421,
10(4)2,
11(1)3,
11(1)4,
11(2)4,
12(3)19,
13(3)28,
13(4)35,
17(1)2
- specifying,
2(3)332,
9(4)421,
10(1)2,
10(1)3,
14(1)8,
15(3)13,
16(2)5
- state,
1(1)93,
2(2)177,
10(2)5,
12(1)4,
12(1)5,
12(2)8,
12(4)20,
13(1)10,
14(1)6,
14(1)10,
14(1)13,
14(4)32,
16(1)3,
17(2)7,
18(1)3,
18(1)4
- still,
1(1)26,
10(1)2,
11(4)17,
11(4)21,
12(2)13,
12(4)20,
13(3)25,
14(3)27,
17(2)8,
18(2)7
- take,
2(4)416,
10(4)1,
12(3)17,
12(3)19,
12(4)22,
16(2)5,
16(3)9,
16(3)10,
16(4)15,
17(3)10,
18(1)4,
18(2)5,
18(4)12
- target,
2(4)416,
11(4)23,
13(3)28,
13(4)35,
15(2)10,
15(4)17,
16(4)14,
17(4)13,
17(4)16
- task,
2(1)65,
2(3)295,
9(4)391,
10(2)5,
11(4)23,
12(3)14,
12(4)20,
13(3)27,
15(2)9,
15(3)13,
16(3)11,
17(1)4
- thus,
2(2)138,
10(3)12,
10(4)5,
14(1)12,
14(3)26,
14(3)27,
15(1)4,
16(2)7,
17(3)10,
17(3)11,
18(1)1,
18(4)13
- transaction,
1(1)26,
1(1)66,
2(4)354,
4(4)321,
17(3)10,
18(1)2
- update,
9(4)421,
11(3)15,
12(3)18,
13(4)37,
17(4)15
- updated,
14(3)26,
16(2)5
- using,
2(2)138,
2(2)177,
2(3)332,
4(3)289,
6(2)258,
6(3)327,
9(2)113,
9(2)162,
9(2)181,
9(3)292,
9(3)325,
9(4)461,
10(1)4,
10(2)8,
10(3)11,
10(4)3,
10(4)6,
11(1)2,
11(2)1,
11(2)2,
11(2)3,
11(3)14,
11(4)19,
11(4)21,
12(2)10,
12(2)11,
13(1)2,
13(1)8,
13(3)26,
13(4)31,
13(4)35,
13(4)39,
14(1)3,
14(1)12,
14(1)14,
14(3)27,
15(1)2,
15(3)11,
15(3)12,
15(4)15,
15(4)17,
16(1)1,
16(1)2,
16(1)4,
16(2)5,
16(2)6,
16(3)10,
16(4)17,
17(1)1,
17(2)5,
17(3)10,
17(3)11,
17(4)13,
17(4)14,
17(4)16,
18(2)7,
18(2)8,
18(3)10,
18(3)11,
18(4)14
- where,
2(3)230,
9(4)461,
10(4)4,
10(4)5,
10(4)6,
11(3)12,
11(3)13,
11(4)19,
12(1)3,
12(3)15,
12(3)16,
12(4)20,
13(3)22,
13(4)33,
13(4)37,
14(1)7,
15(2)6,
15(3)12,
15(3)13,
16(1)4,
16(2)5,
17(3)10,
17(4)16,
18(1)2,
18(2)8