17 research outputs found

    Belief Semantics of Authorization Logic

    Authorization logics have been used in the theory of computer security to reason about access control decisions. In this work, a formal belief semantics for authorization logics is given. The belief semantics is proved to subsume a standard Kripke semantics. The belief semantics yields a direct representation of principals' beliefs, without resorting to the technical machinery used in Kripke semantics. A proof system is given for the logic; that system is proved sound with respect to the belief and Kripke semantics. The soundness proof for the belief semantics, and for a variant of the Kripke semantics, is mechanized in Coq.

    Non Interference for Intuitionist Necessity

    The necessity modality of intuitionist S4 is a comonad. In this paper, we study indexed necessity modalities that provide the logical foundation for a variety of applications; for example, to model possession of capabilities in policy languages for access control, and to track exceptions in type theories for exceptional computation. Noninterference properties of the intuitionist logic of indexed necessity modalities capture the limitations on the information flow between formulas that are under the scope of necessity modalities with different indices. The impact of noninterference is seen in the unprovability of certain formulas. Noninterference is necessary for several applications. In models of capabilities, noninterference facilitates distributed reasoning. In models of exceptions, noninterference is necessary to ensure that the exceptions are tracked conservatively. In this paper, we prove noninterference properties for indexed intuitionist necessity S4 modalities. To our knowledge, this is the first examination of noninterference results for the intuitionist S4 necessity modality (even without indexing).

    Distributed Autoepistemic Logic and its Application to Access Control

    In this paper we define and study an extension of autoepistemic logic (AEL) called distributed autoepistemic logic (dAEL) with multiple agents that have full introspection in their own knowledge as well as in that of others. This mutual full introspection between agents is motivated by an application of dAEL in access control. We define 2- and 3-valued semantic operators for dAEL. Using these operators, approximation fixpoint theory, an abstract algebraic framework that unifies different knowledge representation formalisms, immediately yields us a family of semantics for dAEL, each based on different intuitions that are well-studied in the context of AEL. The application in access control also motivates an extension of dAEL with inductive definitions (dAEL(ID)). We explain a use-case from access control to demonstrate how dAEL(ID) can be fruitfully applied to this domain and discuss how well-suited the different semantics are for the application in access control.

    Distributed Autoepistemic Logic and its Application to Access Control

    In this paper we define and study an extension of autoepistemic logic (AEL) called distributed autoepistemic logic (dAEL) with multiple agents that have full introspection in their own knowledge as well as in that of others. This mutual full introspection between agents is motivated by an application of dAEL in access control. We define 2- and 3-valued semantic operators for dAEL. Using these operators, approximation fixpoint theory, an abstract algebraic framework that unifies different knowledge representation formalisms, immediately yields us a family of semantics for dAEL, each based on different intuitions that are well-studied in the context of AEL. The application in access control also motivates an extension of dAEL with inductive definitions (dAEL(ID)). We explain a use-case from access control to demonstrate how dAEL(ID) can be fruitfully applied to this domain and discuss how well-suited the different semantics are for the application in access control.