A generic approach for security policies composition: position paper

Abstract

When modelling access control in distributed systems, the problem of security policies composition arises. Much work has been done on different ways of combining policies, and using different logics to do this. In this paper, we propose a more general approach based on a 4-valued logic, that abstracts from the specific setting, and groups together many of the existing ways for combining policies. Moreover, we propose going one step further, by twisting the 4-valued logic and obtaining a more traditional approach that might therefore be more appropriate for analysis.