{"title":"经过认证的核心政策语言","authors":"Bahman Sistany, A. Felty","doi":"10.1109/PST.2017.00054","DOIUrl":null,"url":null,"abstract":"We present the design and implementation of a Certified Core Policy Language (ACCPL) that can be used to express access-control policies. We define formal semantics for ACCPL and use the Coq Proof Assistant to state theorems about this semantics, to develop proofs for those theorems and to machine-check the proofs ensuring correctness guarantees are provided. The main design goal for ACCPL is the ability to reason about the policies written in ACCPL with respect to specific questions such as safety. In addition, ACCPL and the established proofs are integrated such that extensions to expressive power may be explored by also extending identifiable proof statements in the direction of the added expressivity. To this end, ACCPL is small (the syntax and the semantics of ACCPL only take a few pages to describe), although we believe ACCPL supports the core features of many access-control policy languages.","PeriodicalId":405887,"journal":{"name":"2017 15th Annual Conference on Privacy, Security and Trust (PST)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"A Certified Core Policy Language\",\"authors\":\"Bahman Sistany, A. Felty\",\"doi\":\"10.1109/PST.2017.00054\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We present the design and implementation of a Certified Core Policy Language (ACCPL) that can be used to express access-control policies. We define formal semantics for ACCPL and use the Coq Proof Assistant to state theorems about this semantics, to develop proofs for those theorems and to machine-check the proofs ensuring correctness guarantees are provided. The main design goal for ACCPL is the ability to reason about the policies written in ACCPL with respect to specific questions such as safety. In addition, ACCPL and the established proofs are integrated such that extensions to expressive power may be explored by also extending identifiable proof statements in the direction of the added expressivity. To this end, ACCPL is small (the syntax and the semantics of ACCPL only take a few pages to describe), although we believe ACCPL supports the core features of many access-control policy languages.\",\"PeriodicalId\":405887,\"journal\":{\"name\":\"2017 15th Annual Conference on Privacy, Security and Trust (PST)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 15th Annual Conference on Privacy, Security and Trust (PST)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PST.2017.00054\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 15th Annual Conference on Privacy, Security and Trust (PST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PST.2017.00054","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
We present the design and implementation of a Certified Core Policy Language (ACCPL) that can be used to express access-control policies. We define formal semantics for ACCPL and use the Coq Proof Assistant to state theorems about this semantics, to develop proofs for those theorems and to machine-check the proofs ensuring correctness guarantees are provided. The main design goal for ACCPL is the ability to reason about the policies written in ACCPL with respect to specific questions such as safety. In addition, ACCPL and the established proofs are integrated such that extensions to expressive power may be explored by also extending identifiable proof statements in the direction of the added expressivity. To this end, ACCPL is small (the syntax and the semantics of ACCPL only take a few pages to describe), although we believe ACCPL supports the core features of many access-control policy languages.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
