Open AccessA Formalization of Distributed Authorization with Delegation
Author(s) -
Shujing Wang,
Zhang Yan
Publication year - 2005
Publication title -
lecture notes in computer science
Language(s) - English
Resource type - Book series
SCImago Journal Rank - 0.249
H-Index - 400
eISSN - 1611-3349
pISSN - 0302-9743
ISBN - 3-540-26547-3
DOI - 10.1007/11506157_26
Subject(s) - delegation , computer science , authorization , semantics (computer science) , programming language , computer security , set (abstract data type) , political science , law
Trust management is a promising approach for the authorization in distributed environment. There are two key issues for a trust management system: how to design high-level policy language and how to solve the compliance-checking problem [3,4]. We adopt this approach to deal with distributed authorization with delegation. In this paper, we propose an authorization language${\cal AL}$, a human-understandable high level language to specify various authorization policies. We define the semantics of ${\cal AL}$ through Answer Set Programming. Language ${\cal AL}$ has rich expressive power which can not only specify delegation, threshold structures addressed in previous approaches, but also represent structured resources and privileges, positive and negative authorizations, separation of duty, incomplete information reasoning and partial authorization and delegation. We also demonstrate the application of language ${\cal AL}$ through an authorization scenario.
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom