A modal logic for authorization specification and reasoning

摘要

Authorization policies provide access control to the system resource. This paper proposes a formal modal logic approach for the specification and reasoning about authorizations. Especially we investigate and handle the situation where the security agent's knowledge is not specific and the decisions for accessing the system resource are to be made based on the agent's knowledge. We introduce modal logic to specify and reason about security policies, then translate the domain into an epistemic logic program. We also present a case study to demonstrate the proposed approach. This approach has an expressive power to describe a variety of complex security scenarios.