Layered graph logic as an assertion language for access control policy models

We describe a uniform logical framework, based on a bunched logic that combines classical additives and very weak multiplicatives, for reasoning compositionally about access control policy models. We show how our approach takes account of the underlying system architecture, and so provides a way to identify and reason about how vulnerabilities may arise (and be removed) as a result of the architecture of the system. We consider, using frame rules, how local properties of access control policies are maintained as the system architecture evolves.
