A Logic for State-Modifying Authorization Policies

We present a logic for specifying policies where access requests can have effects on the authorization state. The logic is semantically defined by a mapping to Transaction Logic. Using this approach, updates to the state are factored out of the resource guard, thus enhancing maintainability and facilitating more expressive policies that take the history of access requests into account. We also present a sound and complete proof system for reasoning about sequences of access requests. This gives rise to a goal-oriented algorithm for finding minimal sequences that lead to a specified target authorization state.

becker_nanz_esorics07.pdf
PDF file

In 12th European Symposium on Research in Computer Security (ESORICS), LNCS 4734

Details

Type: Inproceedings