{"title":"语义感知访问控制策略的自动分析:基于逻辑的方法","authors":"A. Armando, R. Carbone, Silvio Ranise","doi":"10.1109/ICSC.2011.74","DOIUrl":null,"url":null,"abstract":"As the number and sophistication of on-line applications increase, there is a growing concern on how access to sensitive resources (e.g., personal health records) is regulated. Since ontologies can support the definition of fine-grained policies as well as the combination of heterogeneous policies, semantic technologies are expected to play an important role in this context. But understanding the implications of the access control policies of the needed complexity goes beyond the ability of a security administrator. Automatic support to the analysis of access control policies is therefore needed. In this paper we present an automatic analysis technique for access control policies that reduces the reach ability problem for access control policies to satisfiability problems in a decidable fragment of first-order logic for which efficient solvers exist. We illustrate the application of our technique on an access control model inspired by a Personal Health Application of real-world complexity.","PeriodicalId":408382,"journal":{"name":"2011 IEEE Fifth International Conference on Semantic Computing","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Automated analysis of semantic-aware access control policies: a logic-based approach\",\"authors\":\"A. Armando, R. Carbone, Silvio Ranise\",\"doi\":\"10.1109/ICSC.2011.74\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"As the number and sophistication of on-line applications increase, there is a growing concern on how access to sensitive resources (e.g., personal health records) is regulated. Since ontologies can support the definition of fine-grained policies as well as the combination of heterogeneous policies, semantic technologies are expected to play an important role in this context. But understanding the implications of the access control policies of the needed complexity goes beyond the ability of a security administrator. Automatic support to the analysis of access control policies is therefore needed. In this paper we present an automatic analysis technique for access control policies that reduces the reach ability problem for access control policies to satisfiability problems in a decidable fragment of first-order logic for which efficient solvers exist. We illustrate the application of our technique on an access control model inspired by a Personal Health Application of real-world complexity.\",\"PeriodicalId\":408382,\"journal\":{\"name\":\"2011 IEEE Fifth International Conference on Semantic Computing\",\"volume\":\"9 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-09-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 IEEE Fifth International Conference on Semantic Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICSC.2011.74\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE Fifth International Conference on Semantic Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICSC.2011.74","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Automated analysis of semantic-aware access control policies: a logic-based approach
As the number and sophistication of on-line applications increase, there is a growing concern on how access to sensitive resources (e.g., personal health records) is regulated. Since ontologies can support the definition of fine-grained policies as well as the combination of heterogeneous policies, semantic technologies are expected to play an important role in this context. But understanding the implications of the access control policies of the needed complexity goes beyond the ability of a security administrator. Automatic support to the analysis of access control policies is therefore needed. In this paper we present an automatic analysis technique for access control policies that reduces the reach ability problem for access control policies to satisfiability problems in a decidable fragment of first-order logic for which efficient solvers exist. We illustrate the application of our technique on an access control model inspired by a Personal Health Application of real-world complexity.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
