A Notation for Policies Using Feature Structures

Fujita, Kunihiko; Tsukada, Yasuyuki

doi:10.1007/978-3-642-19348-4_11

Kunihiko Fujita²⁰ &
Yasuyuki Tsukada²⁰

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6514))

Included in the following conference series:

618 Accesses

Abstract

New security and privacy enhancing technologies are demanded in the new information and communication environments where a huge number of computers interact with each other in a distributed and ad hoc manner to access various resources. In this paper, we focus on access control because this is the underlying core technology to enforce security and privacy. Access control decides permit or deny according to access control policies. Since notations of policies are specialized in each system, it is difficult to ensure consistency of policies that are stated in different notations. In this paper, we propose a readable notation for policies by adopting the concept of feature structures, which has mainly been used for parsing in natural language processing. Our proposed notation is also logically well-founded, which guarantees strict access control decisions, and expressive in that it returns not only a binary value of permit or deny but also various result values through the application of partial order relations of the security risk level. We illustrate the effectiveness of our proposed method using examples from P3P.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Capretta, V., Stepien, B., Felty, A., Matwin, S.: Formal correctness of conflict detection for firewalls. In: Proceedings of the 2007 ACM Workshop on Formal Methods in Security Engineering, FMSE 2007, pp. 22–30. ACM, New York (2007)
Chapter Google Scholar
Cranor, L.: P3P: Making privacy policies more useful. IEEE Security & Privacy 1(6), 50–55 (2003)
Article Google Scholar
Denning, D.E.: A lattice model of secure information flow. ACM Commun. 19(5), 236–243 (1976)
Article MathSciNet MATH Google Scholar
Halpern, J.Y., Weissman, V.: Using first-order logic to reason about policies. ACM Trans. Inf. Syst. Secur. 11(4), 1–41 (2008)
Article Google Scholar
Karjoth, G., Schunter, M., Herreweghen, E.V., Waidner, M.: Amending P3P for clearer privacy promises. In: Proceedings of the 14th International Workshop on Database and Expert Systems Applications, DEXA 2003, pp. 445–449. IEEE Computer Society, Washington, DC (2003)
Google Scholar
Kasper, R.T., Rounds, W.C.: A logical semantics for feature structures. In: Proceedings of the 24th Annual Meeting on Association for Computational Linguistics, pp. 257–266. Association for Computational Linguistics, Morristown (1986)
Chapter Google Scholar
May, M.J., Gunter, C.A., Lee, I., Zdancewic, S.: Strong and weak policy relations. In: Proceedings of the 2009 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2009, pp. 33–36. IEEE Computer Society, Washington, DC (2009)
Chapter Google Scholar
Ni, Q., Trombetta, A., Bertino, E., Lobo, J.: Privacy-aware role based access control. In: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, SACMAT 2007, pp. 41–50. ACM, New York (2007)
Google Scholar
Organization for the Advancement of Structured Information Standards (OASIS): Extensible Access Control Markup Language (XACML), http://xml.coverpages.org/xacml.html
Sandhu, R.S.: Lattice-based access control models. Computer 26(11), 9–19 (1993)
Article Google Scholar
Walker, D.D., Mercer, E.G., Seamons, K.E.: Or best offer: A privacy policy negotiation protocol. In: Proceedings of the 2008 IEEE International Symposium on Policies for Distributed Systems and Networks, POLICY 2008, pp. 173–180. IEEE Computer Society, Washington, DC (2008)
Google Scholar
World Wide Web Consortium (W3C): P3P: The Platform for Privacy Preferences, http://www.w3.org/P3P/

Download references

Author information

Authors and Affiliations

NTT Communication Science Laboratories, NTT Corporation, 3-1, Morinosato Wakamiya, Atsugi-shi, Kanagawa, 243-0198, Japan
Kunihiko Fujita & Yasuyuki Tsukada

Authors

Kunihiko Fujita
View author publications
You can also search for this author in PubMed Google Scholar
Yasuyuki Tsukada
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

IT/TELECOM Bretagne, Campus de Rennes, 2 Rue de la Châtaigneraie, 35512, Cesson Sévigné, Cedex, France
Joaquin Garcia-Alfaro
IIIA-CSIC, Campus UAB, 08193, Bellaterra, Spain
Guillermo Navarro-Arribas
IT/TELECOM SudParis, 9 Rue Charles Fourier, 91011, Evry Cedex, France
Ana Cavalli
IT/TELECOM ParisTech, 46 Rue Barrault, 75634, Paris Cedex 13, France
Jean Leneutre

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Fujita, K., Tsukada, Y. (2011). A Notation for Policies Using Feature Structures. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cavalli, A., Leneutre, J. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2010 2010. Lecture Notes in Computer Science, vol 6514. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-19348-4_11

Download citation

DOI: https://doi.org/10.1007/978-3-642-19348-4_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-19347-7
Online ISBN: 978-3-642-19348-4
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics