Delegation logic: A logic-based approach to distributed authorization
We address the problem of authorization in large, open, distributed systems. Authorization decisions are needed in electronic commerce, mobile-code execution, remote resource sharing, content advising, and privacy protection, etc. We adopt the trust management approach, in which the “authorization”...
Saved in:
| Main Author: | |
|---|---|
| Format: | Dissertation |
| Language: | English |
| Published: |
ProQuest Dissertations & Theses
01.01.2000
|
| Subjects: | |
| ISBN: | 9780599916135, 0599916133 |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | We address the problem of authorization in large, open, distributed systems. Authorization decisions are needed in electronic commerce, mobile-code execution, remote resource sharing, content advising, and privacy protection, etc. We adopt the trust management approach, in which the “authorization” problem is viewed as a “proof-of-compliance” problem: whether a set of credentials prove that a request complies with a policy. We develop a logic-based language Delegation Logic (DL) to represent policies, credentials, and requests in distributed authorization. Delegation Logic extends logic programming (LP) languages with expressive delegation constructs that feature delegation depth and a wide variety of complex principals (including but not limited to k-out-of-n thresholds). D1LP, the monotonic version of DL, extends the LP language Datalog with delegation constructs. D2LP, the nonmonotonic version of DL, also features classical negation, negation-as-failure, and prioritized conflict handling. Our approach to defining and implementing DL is based on tractably compiling DL programs into ordinary logic programs (OLP's). This compilation approach enables DL to be implemented modularly on top of existing technologies for OLP, e.g., Prolog. As a trust-management language, Delegation Logic provides a concept of proof-of-compliance that is founded on well-understood principles of logic programming and knowledge representation. DL also provides a logical framework in which one can study delegation, negation of authority, conflicts between authorities, and their interplay. |
|---|---|
| Bibliography: | SourceType-Dissertations & Theses-1 ObjectType-Dissertation/Thesis-1 content type line 12 |
| ISBN: | 9780599916135 0599916133 |