Expressiveness of a Provenance-Enabled Authorization Logic
Jinwei Hu
TL;DR
This paper demonstrates the expressiveness and practical usefulness of a provenance-enabled authorization logic in distributed security environments through various case studies.
Contribution
It introduces and evaluates a logic that effectively manages authorization provenances, enhancing security decision processes in distributed systems.
Findings
The logic is expressive enough for complex security scenarios
Case studies show practical applicability in auditing and authorization recycling
The approach improves security management in distributed environments
Abstract
In distributed environments, access control decisions depend on statements of multiple agents rather than only one central trusted party. However, existing policy languages put few emphasis on authorization provenances. The capability of managing these provenances is important and useful in various security areas such as computer auditing and authorization recycling. Based on our previously proposed logic, we present several case studies of this logic. By doing this, we show its expressiveness and usefulness in security arena.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.