DEAL: A Distributed Authorization Language for Ambient Intelligence

Authorization is an open problem in Ambient Intelligence environments. The difficulty of implementing authorization policies lies in the open and dynamic nature of such environments. The information is distributed among various heterogeneous devices that collect, process, change, and share it. Previous work presented a fully distributed approach for reasoning with conflicts in ambient intelligence systems. This paper extends previous results to address authorization issues in distributed environments. First, the authors present the formal high-level authorization language DEAL to specify access control policies in open and dynamic distributed systems. DEAL has rich expressive power by supporting negative authorization, rule priorities, hierarchical category authorization, and nonmonotonic reasoning. The authors then define the language semantics through Defeasible Logic. Finally, they demonstrate the capabilities of DEAL in a use case Ambient Intelligence scenario regarding a hospital facility.

[1]  Dov M. Gabbay,et al.  Handbook of Logic in Artificial Intelligence and Logic Programming: Volume 3: Nonmonotonic Reasoning and Uncertain Reasoning , 1994 .

[2]  Michael J. Maher A Model-Theoretic Semantics for Defeasible Logic , 2002, Paraconsistent Computational Logic.

[3]  Gregory D. Abowd,et al.  Towards a Better Understanding of Context and Context-Awareness , 1999, HUC.

[4]  Jadwiga Indulska,et al.  Modelling and using imperfect context information , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[5]  Sushil Jajodia,et al.  A logical language for expressing authorizations , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[6]  Yan Zhang,et al.  A Formalization of Distributed Authorization with Delegation , 2005, ACISP.

[7]  Joan Feigenbaum,et al.  Delegation logic: A logic-based approach to distributed authorization , 2003, TSEC.

[8]  Dov M. Gabbay,et al.  Handbook of logic in artificial intelligence and logic programming (vol. 1) , 1993 .

[9]  Gian Luca Foresti,et al.  Ambient Intelligence: A New Multidisciplinary Paradigm , 2005 .

[10]  Peng Liu,et al.  A formal language for access control policies in distributed environment , 2005, The 2005 IEEE/WIC/ACM International Conference on Web Intelligence (WI'05).

[11]  Joan Feigenbaum,et al.  Decentralized trust management , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[12]  Michael J. Maher,et al.  Defeasible Logic versus Logic Programming without Negation as Failure , 2000, J. Log. Program..

[13]  Donald Nute,et al.  Defeasible Logic , 1994, INAP.

[14]  Sushil Jajodia,et al.  Flexible support for multiple access control policies , 2001, TODS.

[15]  Michael J. Maher,et al.  Argumentation Semantics for Defeasible Logic , 2004, J. Log. Comput..

[16]  Grigoris Antoniou,et al.  Partial Preferences and Ambiguity Resolution in Contextual Defeasible Logic , 2011, LPNMR.

[17]  Yan Zhang,et al.  Handling distributed authorization with delegation through answer set programming , 2006, International Journal of Information Security.

[18]  Elisa Bertino,et al.  A logical framework for reasoning on data access control policies , 1999, Proceedings of the 12th IEEE Computer Security Foundations Workshop.

[19]  Butler W. Lampson,et al.  Simple Public Key Certificate , 1998 .

[20]  Joan Feigenbaum,et al.  Compliance Checking in the PolicyMaker Trust Management System , 1998, Financial Cryptography.

[21]  Joan Feigenbaum,et al.  A Nonmonotonic Delegation Logic with Prioritized Conflict Handling , 2000 .

[22]  Grigoris Antoniou,et al.  Defeasible Contextual Reasoning with Arguments in Ambient Intelligence , 2010, IEEE Transactions on Knowledge and Data Engineering.

[23]  Joan Feigenbaum,et al.  REFEREE: Trust Management for Web Applications , 1997, Comput. Networks.

[24]  Elisa Bertino,et al.  A unified framework for enforcing multiple access control policies , 1997, SIGMOD '97.

[25]  Ninghui Li,et al.  Design of a role-based trust-management framework , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[26]  Grigoris Antoniou,et al.  Strategies for contextual reasoning with conflicts in ambient intelligence , 2010, Knowledge and Information Systems.

[27]  Fausto Giunchiglia,et al.  Multilanguage hierarchical logics (or: how we can do without modal logics) , 1994, CNKBS.

[28]  Jean-Emile Elien,et al.  Certificate discovery using SPKI/SDSI 2.0 certificates , 1998 .

[29]  Michael J. Maher,et al.  Representation results for defeasible logic , 2000, TOCL.

[30]  Kristian Tørning,et al.  A Review of Four Persuasive Design Models , 2013, Int. J. Concept. Struct. Smart Appl..

[31]  George D. Magoulas Investigations into Living Systems, Artificial Life, and Real-World Solutions , 2013 .

[32]  Joan Feigenbaum,et al.  The Role of Trust Management in Distributed Systems Security , 2001, Secure Internet Programming.

[33]  Joan Feigenbaum,et al.  The KeyNote Trust-Management System Version 2 , 1999, RFC.

[34]  Emile H. L. Aarts,et al.  Ambient intelligence: a multimedia perspective , 2004, IEEE MultiMedia.

[35]  J. Feigenbaum,et al.  The KeyNote trust management system version2, IETF RFC 2704 , 1999 .

[36]  Ronald L. Rivest,et al.  Certificate Chain Discovery in SPKI/SDSI , 2002, J. Comput. Secur..