Skip to main content
SpringerLink
Log in

A Datalog Semantics for Paralocks

  • Conference paper
Security and Trust Management (STM 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7783))

Included in the following conference series:

Abstract

Broberg and Sands (POPL’10) introduced a logic-based policy language, Paralocks, suitable for static information-flow control in programs. Although Paralocks comes with a precise information-flow semantics for programs, the logic-based semantics of policies, describing how policies are combined and compared, is less well developed. This makes the algorithms for policy comparison and computation ad-hoc, and their security guarantees less intuitive. In this paper we provide a new semantics for Paralocks policies based on Datalog. By doing so we are able to show that the ad-hoc semantics from earlier work coincides with the natural Datalog interpretation. Furthermore we show that by having a Datalog-inspired semantics, we can borrow language extensions and algorithms from Datalog for the benefit of Paralocks. We explore how these extensions and algorithms interact with the design and implementation of Paragon, a language combining Paralocks with Java.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bancilhon, F., Maier, D., Sagiv, Y., Ullman, J.D.: Magic sets and other strange ways to implement logic programs (extended abstract). In: Proceedings of the Fifth ACM SIGACT-SIGMOD Symposium on Principles of Database Systems, PODS 1986, pp. 1–15. ACM, New York (1986)

    Chapter  Google Scholar 

  2. Brewer, D.F.C., Nash, M.J.: The Chinese Wall Security Policy. In: Proceedings of the 1989 IEEE Symposium on Security and Privacy, pp. 206–214 (1989)

    Google Scholar 

  3. Broberg, N.: Practical, Flexible Programming with Information Flow Control. Ph.D. thesis, Chalmers, Göteborg University, Göteborg, Sweden (2011)

    Google Scholar 

  4. Broberg, N., Sands, D.: Paralocks – Role-Based Information Flow Control and Beyond. In: Proceedings of the 37th Annual ACM SIGACT-SIGPLAN Symposium on Principles of Programming Languages, POPL (2010)

    Google Scholar 

  5. Calvanese, D., De Giacomo, G., Lenzerini, M.: On the decidability of query containment under constraints. In: Proceedings of the Seventeenth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, PODS 1998, pp. 149–158. ACM, New York (1998)

    Chapter  Google Scholar 

  6. Ceri, S., Gottlob, G., Tanca, L.: What You Always Wanted to Know About Datalog (And Never Dared to Ask). IEEE Trans. on Knowl. and Data Eng. 1(1), 146–166 (1989)

    Article  Google Scholar 

  7. Chekuri, C., Rajaraman, A.: Conjunctive query containment revisited. Theoretical Computer Science 239(2), 211–229 (2000)

    Article  MathSciNet  MATH  Google Scholar 

  8. Dantsin, E., Eiter, T., Gottlob, G., Voronkov, A.: Complexity and expressive power of logic programming. ACM Computing Surveys 33, 374–425 (2001)

    Article  Google Scholar 

  9. Denning, D.E., Denning, P.J.: Certification of programs for secure information flow. Comm. of the ACM 20(7), 504–513 (1977)

    Article  MATH  Google Scholar 

  10. DeTreville, J.: Binder, a logic-based security language. In: IEEE Symposium on Security and Privacy, pp. 105–113 (2002)

    Google Scholar 

  11. Dougherty, D.J., Fisler, K., Krishnamurthi, S.: Specifying and Reasoning About Dynamic Access-Control Policies. In: Furbach, U., Shankar, N. (eds.) IJCAR 2006. LNCS (LNAI), vol. 4130, pp. 632–646. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  12. Farré, C., Teniente, E., Urpì, T.: Checking query containment with the CQC method. Data & Knowledge Engineering 53(2), 163–223 (2005)

    Article  Google Scholar 

  13. Klug, A.: On Conjunctive Queries Containing Inequalities. J. ACM 35(1), 146–160 (1988)

    Article  MathSciNet  MATH  Google Scholar 

  14. Li, N., Mitchell, J.C.: Datalog with Constraints: A Foundation for Trust Management Languages. In: Dahl, V. (ed.) PADL 2003. LNCS, vol. 2562, pp. 58–73. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  15. Li, N., Mitchell, J.C., Winsborough, W.H.: Design of a role-based trust-management framework. In: IEEE Symposium on Security and Privacy, pp. 114–130 (2002)

    Google Scholar 

  16. Sagiv, Y.: Optimizing Datalog Programs. In: Foundations of Deductive Databases and Logic Programming, pp. 659–698. Morgan Kaufmann (1988)

    Google Scholar 

  17. Shmueli, O.: Decidability and expressiveness aspects of logic queries. In: Proceedings of the Sixth ACM SIGACT-SIGMOD-SIGART Symposium on Principles of Database Systems, PODS 1987, pp. 237–249 (1987)

    Google Scholar 

  18. Ullman, J.: Information integration using logical views. In: Afrati, F.N., Kolaitis, P.G. (eds.) ICDT 1997. LNCS, vol. 1186, pp. 19–40. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  19. Ullman, J.D.: Principles of Database and Knowledge-Base Systems, Volume I. Computer Science Press (1988)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Chalmers University of Technology, Sweden

    Bart van Delft, Niklas Broberg & David Sands

Authors
  1. Bart van Delft
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Niklas Broberg
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. David Sands
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Informatics, University of Oslo, P.O.Box 1080, 0316, Blindern, Oslo, Norway

    Audun Jøsang

  2. Dipartimento di Informatica, Università degli Studi di Milano, Via Bramante, 65, 26013, Crema, CR, Italy

    Pierangela Samarati

  3. National Research Center(CNR), Institute of Informatics and Telematics(IIT), Via G. Moruzzi, 1, 56124, Pisa, Italy

    Marinella Petrocchi

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

van Delft, B., Broberg, N., Sands, D. (2013). A Datalog Semantics for Paralocks. In: Jøsang, A., Samarati, P., Petrocchi, M. (eds) Security and Trust Management. STM 2012. Lecture Notes in Computer Science, vol 7783. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38004-4_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-38004-4_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38003-7

  • Online ISBN: 978-3-642-38004-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation