Defeasible security policy composition for web services

Adam J. Lee; Jodie P. Boyer; Lars E. Olson; Carl A. Gunter

doi:10.1145/1180337.1180342

Defeasible security policy composition for web services

Adam J. Lee, Jodie P. Boyer, Lars E. Olson, Carl A. Gunter

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

The ability to automatically compose security policies created by multiple organizations is fundamental to the development of scalable security systems. The diversity of policies leads to conflicts and the need to resolve priorities between rules. In this paper we explore the concept of defeasible policy composition, wherein policies are represented in defeasible logic and composition is based on rules for non-monotonic inference. This enables policy writers to assert rules tentatively; when policies are composed the policy with the firmest position takes precedence. In addition, the structure of our policies allows for composition to occur using a single operator; this allows for entirely automated composition. We argue that this provides a practical system that can be understood by typical policy writers, analyzed rigorously by theoreticians, and efficiently automated by computers. We aim to partially validate these claims here with a formulation of defeasible policy composition for web services, an emerging foundation for B2B commerce on the World Wide Web.

Original language	English (US)
Title of host publication	Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06
Pages	45-54
Number of pages	10
DOIs	https://doi.org/10.1145/1180337.1180342
State	Published - 2006
Event	4th ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06 - Alexandria, VA, United States Duration: Nov 3 2006 → Nov 3 2006

Publication series

Name	Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06

Other

Other	4th ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06
Country/Territory	United States
City	Alexandria, VA
Period	11/3/06 → 11/3/06

Keywords

Defeasible logic
Security policy composition
Web services

ASJC Scopus subject areas

Computer Networks and Communications
Information Systems

Online availability

10.1145/1180337.1180342

Library availability

Discover UIUC Full Text

Cite this

Lee, A. J., Boyer, J. P., Olson, L. E., & Gunter, C. A. (2006). Defeasible security policy composition for web services. In Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06 (pp. 45-54). (Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06). https://doi.org/10.1145/1180337.1180342

Defeasible security policy composition for web services. / Lee, Adam J.; Boyer, Jodie P.; Olson, Lars E. et al.
Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06. 2006. p. 45-54 (Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Lee, AJ, Boyer, JP, Olson, LE & Gunter, CA 2006, Defeasible security policy composition for web services. in Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06. Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06, pp. 45-54, 4th ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06, Alexandria, VA, United States, 11/3/06. https://doi.org/10.1145/1180337.1180342

Lee AJ, Boyer JP, Olson LE, Gunter CA. Defeasible security policy composition for web services. In Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06. 2006. p. 45-54. (Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06). doi: 10.1145/1180337.1180342

Lee, Adam J. ; Boyer, Jodie P. ; Olson, Lars E. et al. / Defeasible security policy composition for web services. Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06. 2006. pp. 45-54 (Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06).

@inproceedings{54d7708e604945d78fbf7f9067e75254,

title = "Defeasible security policy composition for web services",

abstract = "The ability to automatically compose security policies created by multiple organizations is fundamental to the development of scalable security systems. The diversity of policies leads to conflicts and the need to resolve priorities between rules. In this paper we explore the concept of defeasible policy composition, wherein policies are represented in defeasible logic and composition is based on rules for non-monotonic inference. This enables policy writers to assert rules tentatively; when policies are composed the policy with the firmest position takes precedence. In addition, the structure of our policies allows for composition to occur using a single operator; this allows for entirely automated composition. We argue that this provides a practical system that can be understood by typical policy writers, analyzed rigorously by theoreticians, and efficiently automated by computers. We aim to partially validate these claims here with a formulation of defeasible policy composition for web services, an emerging foundation for B2B commerce on the World Wide Web.",

keywords = "Defeasible logic, Security policy composition, Web services",

author = "Lee, {Adam J.} and Boyer, {Jodie P.} and Olson, {Lars E.} and Gunter, {Carl A.}",

year = "2006",

doi = "10.1145/1180337.1180342",

language = "English (US)",

isbn = "1595935509",

series = "Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06",

pages = "45--54",

booktitle = "Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06",

note = "4th ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06 ; Conference date: 03-11-2006 Through 03-11-2006",

}

TY - GEN

T1 - Defeasible security policy composition for web services

AU - Lee, Adam J.

AU - Boyer, Jodie P.

AU - Olson, Lars E.

AU - Gunter, Carl A.

PY - 2006

Y1 - 2006

N2 - The ability to automatically compose security policies created by multiple organizations is fundamental to the development of scalable security systems. The diversity of policies leads to conflicts and the need to resolve priorities between rules. In this paper we explore the concept of defeasible policy composition, wherein policies are represented in defeasible logic and composition is based on rules for non-monotonic inference. This enables policy writers to assert rules tentatively; when policies are composed the policy with the firmest position takes precedence. In addition, the structure of our policies allows for composition to occur using a single operator; this allows for entirely automated composition. We argue that this provides a practical system that can be understood by typical policy writers, analyzed rigorously by theoreticians, and efficiently automated by computers. We aim to partially validate these claims here with a formulation of defeasible policy composition for web services, an emerging foundation for B2B commerce on the World Wide Web.

AB - The ability to automatically compose security policies created by multiple organizations is fundamental to the development of scalable security systems. The diversity of policies leads to conflicts and the need to resolve priorities between rules. In this paper we explore the concept of defeasible policy composition, wherein policies are represented in defeasible logic and composition is based on rules for non-monotonic inference. This enables policy writers to assert rules tentatively; when policies are composed the policy with the firmest position takes precedence. In addition, the structure of our policies allows for composition to occur using a single operator; this allows for entirely automated composition. We argue that this provides a practical system that can be understood by typical policy writers, analyzed rigorously by theoreticians, and efficiently automated by computers. We aim to partially validate these claims here with a formulation of defeasible policy composition for web services, an emerging foundation for B2B commerce on the World Wide Web.

KW - Defeasible logic

KW - Security policy composition

KW - Web services

UR - http://www.scopus.com/inward/record.url?scp=34547271784&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=34547271784&partnerID=8YFLogxK

U2 - 10.1145/1180337.1180342

DO - 10.1145/1180337.1180342

M3 - Conference contribution

AN - SCOPUS:34547271784

SN - 1595935509

SN - 9781595935502

T3 - Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06

SP - 45

EP - 54

BT - Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06

T2 - 4th ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06

Y2 - 3 November 2006 through 3 November 2006

ER -

Defeasible security policy composition for web services

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this