As the number and sophistication of on-line applications increase, there is a growing concern on how access to sensitive resources (e.g., personal health records) is regulated. Since ontologies can support the definition of fine-grained policies as well as the combination of heterogeneous policies, semantic technologies are expected to play an important role in this context. But understanding the implications of the access control policies of the needed complexity goes beyond the ability of a security administrator. Automatic support to the analysis of access control policies is therefore needed. In this paper we present an automatic analysis technique for access control policies that reduces the reachability problem for access control policies to satisfiability problems in a decidable fragment of first-order logic for which efficient solvers exist. We illustrate the application of our technique on an access control model inspired by a Personal Health Application of real-world complexity. © 2011 IEEE.

Automated analysis of semantic-aware access control policies: A logic-based approach / Armando, A.; Carbone, R.; Ranise, S.. - (2011), pp. 356-363. (Intervento presentato al convegno 5th Annual IEEE International Conference on Semantic Computing, ICSC 2011 tenutosi a Palo Alto, CA, usa nel 2011) [10.1109/ICSC.2011.74].

Automated analysis of semantic-aware access control policies: A logic-based approach

Ranise S.
2011-01-01

Abstract

As the number and sophistication of on-line applications increase, there is a growing concern on how access to sensitive resources (e.g., personal health records) is regulated. Since ontologies can support the definition of fine-grained policies as well as the combination of heterogeneous policies, semantic technologies are expected to play an important role in this context. But understanding the implications of the access control policies of the needed complexity goes beyond the ability of a security administrator. Automatic support to the analysis of access control policies is therefore needed. In this paper we present an automatic analysis technique for access control policies that reduces the reachability problem for access control policies to satisfiability problems in a decidable fragment of first-order logic for which efficient solvers exist. We illustrate the application of our technique on an access control model inspired by a Personal Health Application of real-world complexity. © 2011 IEEE.
2011
Proceedings - 5th IEEE International Conference on Semantic Computing, ICSC 2011
10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA
IEEE COMPUTER SOC
978-1-4577-1648-5
Armando, A.; Carbone, R.; Ranise, S.
Automated analysis of semantic-aware access control policies: A logic-based approach / Armando, A.; Carbone, R.; Ranise, S.. - (2011), pp. 356-363. (Intervento presentato al convegno 5th Annual IEEE International Conference on Semantic Computing, ICSC 2011 tenutosi a Palo Alto, CA, usa nel 2011) [10.1109/ICSC.2011.74].
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/333162
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? 1
social impact