Expressiveness of a Provenance-Enabled Authorization Logic
Abstract
In distributed environments, access control decisions depend on statements of multiple agents rather than only one central trusted party. However, existing policy languages put few emphasis on authorization provenances. The capability of managing these provenances is important and useful in various security areas such as computer auditing and authorization recycling. Based on our previously proposed logic, we present several case studies of this logic. By doing this, we show its expressiveness and usefulness in security arena.
Turn this paper into a lesson
ArcXiv compiles a structured reading guide from this paper's metadata: plain-English importance, contributions, prerequisite concepts, which sections to read first, flashcards, and a quiz. Grounded in the abstract, never invented.