Abstract
The ability to automatically compose security policies created by multiple organizations is fundamental to the development of scalable security systems. The diversity of policies leads to conflicts and the need to resolve priorities between rules. In this paper we explore the concept of defeasible policy composition, wherein policies are represented in defeasible logic and composition is based on rules for non-monotonic inference. This enables policy writers to assert rules tentatively; when policies are composed the policy with the firmest position takes precedence. In addition, the structure of our policies allows for composition to occur using a single operator; this allows for entirely automated composition. We argue that this provides a practical system that can be understood by typical policy writers, analyzed rigorously by theoreticians, and efficiently automated by computers. We aim to partially validate these claims here with a formulation of defeasible policy composition for web services, an emerging foundation for B2B commerce on the World Wide Web. Copyright 2006 ACM.
Author supplied keywords
Cite
CITATION STYLE
Lee, A. J., Boyer, J. P., Olson, L. E., & Gunter, C. A. (2006). Defeasible security policy composition for web services. Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE’06. A Workshop Held in Conjuction with the 13th ACM Conference on Computer and Communications Security, CCS’06, 45–54. https://doi.org/10.1145/1180337.1180342
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
