Title :
A Logic for Multi-domain Authorization Considering Administrators
Author :
Iranmanesh, Zeinab ; Amini, Morteza ; Jalili, Rasool
Author_Institution :
Dept. of Comput. Eng., Sharif Univ. of Technol., Tehran
Abstract :
In multi-domain environments, authorization policies for each administrative domain are determined by either one administrator or through cooperation of multiple administrators. Proposed logic-based models for multi-domain environments´ authorization neither consider an administrator as the legislator of a policy in policies´ representation nor specify the domain of a policy explicitly. Considering legislators in policy specification provides the possibility of presenting composite administration and utilizing administrators´ characteristics in policy analysis such as conflict resolution. In this paper, we propose the syntax, proof theory, and semantics of a logic in which administrators are considered in authorization policies´ specification, composite administration is presented, and each authorization policy is explicitly associated with some administrative domains. We also claim that the logic is sound. The presented logic is based on modal logic and utilizes two calculi named the calculus of administrators and the calculus of administrative domains. A case study of the logic usage is presented.
Keywords :
administrative data processing; authorisation; semantic networks; theorem proving; administrative domains; authorization policies; composite administration; logic usage; logic-based models; multidomain authorization logic; multidomain environment authorization; proof theory; Access control; Authorization; Calculus; Computer networks; Computer security; Conferences; Distributed computing; Interference; Logic; Robust control;
Conference_Titel :
Policies for Distributed Systems and Networks, 2008. POLICY 2008. IEEE Workshop on
Conference_Location :
Palisades, NY
Print_ISBN :
978-0-7695-3133-5
DOI :
10.1109/POLICY.2008.23
