Premium
A stratified first order logic approach for access control
Author(s) -
Benferhat Salem,
El Baida Rania
Publication year - 2004
Publication title -
international journal of intelligent systems
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 1.291
H-Index - 87
eISSN - 1098-111X
pISSN - 0884-8173
DOI - 10.1002/int.20026
Subject(s) - computer science , order (exchange) , access control , control (management) , theoretical computer science , computer security , artificial intelligence , business , finance
Modeling information security policies is an important problem in many domains. This is particularly true in the health care sector, where information systems often manage sensitive and critical data. This article proposes to use nonmonotonic reasoning systems to control access to sensitive data in accordance with a security policy. In the first part of the article, we propose an access control model that overcomes several limitations of existing systems. In particular, it allows us to deal with contexts and to represent the two main kinds of privileges: permissions and prohibitions. This model will then be formally encoded using stratified (or prioritized) first‐order knowledge bases. In the second part of the article, we discuss the problem of conflicts due to the joint handling of permissions and prohibitions. We show that approaches proposed for solving conflicts in propositional knowledge bases are not appropriate for handling inconsistent first‐order knowledge bases. © 2004 Wiley Periodicals, Inc. Int J Int Syst 19: 817–836, 2004.