Evidential Authorization
نویسندگان
چکیده
Consider interaction of principals where each principal has its own policy and different principals may not trust each other. In one scenario the principals could be pharmaceutical companies, hospitals, biomedical labs and health related government institutions. In another scenario principals could be navy fleets of different and not necessarily friendly nations. In spite of the complexity of interaction, one may want to ensure that certain properties remain invariant. For example, in the navy scenario, each fleet should have enough information from other fleets to avoid unfortunate incidents. Furthermore, one want to use automated provers to prove invariance. A natural approach to this and many other important problems is to provide a high-level logic-based language for the principals to communicate. We do just that. Three years ago two of us presented the first incarnation of Distributed Knowledge Authorization Language (DKAL). Here we present a new and much different incarnation of DKAL that we call Evidential DKAL. Statements communicated in Evidential DKAL are supposed to be accompanied with sufficient justifications. In general, we construe the term “authorization” in the acronym “DKAL” rather liberally; DKAL is essentially a general policy language. There is a wide spectrum of potential applications of DKAL. One ambitious goal is to provide a framework for establishing and maintaining invariants.
منابع مشابه
Automated Synthesis of Privacy-Preserving Distributed Applications
We introduce a framework for the automated synthesis of security-sensitive distributed applications. The central idea is to provide the programmer with a high-level declarative language for specifying the system and the intended security properties, abstracting away from any cryptographic details. A compiler takes as input such high-level specifications and automatically produces the correspond...
متن کاملThe Digital Economy Act 2010: Is The DEA DOA?
The Digital Economy Act 2010 was hurried into existence in the dying days of the last Labour government, and contains powers designed to resist unauthorised file sharing that are due to be implemented by an Initial Obligations Code authored by Ofcom. Even before the Code has been published, there are several pre-existing key areas of the Act that contain significant evidential problems and pote...
متن کاملAuthorization models for secure information sharing: a survey and research agenda
This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...
متن کاملAccess control in ultra-large-scale systems using a data-centric middleware
The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...
متن کاملThe mechanism of Umayyad authorization in the beginning of Islam with emphasis on the role of the four geniuses
The transformation of the Islamic caliphate to the Umayyad dynasty took place in a short time after the death of Prophet Mohammad. This transformation became the source of many questions and reflections, especially since those who led such a change were Islam’s antagonists in the early years of prophecy and the rise of Islamic rule. Although, the role of the deep-rooted tradition of tribalism a...
متن کامل