Imperial College London

Professor Michael Huth

Faculty of Engineering, Department of Computing

Head of the Department of Computing
 
 
 

Location

 

Huxley 566, Huxley Building, South Kensington Campus


 

Publications

Citation

BibTeX format

@article{Crampton:2012:10.1007/978-3-642-27937-9_11,
author = {Crampton, J and Huth, M},
doi = {10.1007/978-3-642-27937-9_11},
journal = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
pages = {155--170},
title = {A framework for the modular specification and orchestration of authorization policies},
url = {http://dx.doi.org/10.1007/978-3-642-27937-9_11},
volume = {7127 LNCS},
year = {2012}
}

RIS format (EndNote, RefMan)

TY  - JOUR
AB  - Many frameworks for defining authorization policies fail to make a clear distinction between policy and state. We believe this distinction to be a fundamental requirement for the construction of scalable, distributed authorization services. In this paper, we introduce a formal framework for the definition of authorization policies, which we use to construct the policy authoring language APOL. This framework makes the required distinction between policy and state, and APOL permits the specification of complex policy orchestration patterns even in the presence of policy gaps and conflicts. A novel aspect of the language is the use of a switch operator for policy orchestration, which can encode the commonly used rule- and policy-combining algorithms of existing authorization languages. We define denotational and operational semantics for APOL and then extend our framework with statically typed methods for policy orchestration, develop tools for policy analysis, and show how that analysis can improve the precision of static typing rules. © 2012 Springer-Verlag.
AU  - Crampton,J
AU  - Huth,M
DO  - 10.1007/978-3-642-27937-9_11
EP  - 170
PY  - 2012///
SN  - 0302-9743
SP  - 155
TI  - A framework for the modular specification and orchestration of authorization policies
T2  - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
UR  - http://dx.doi.org/10.1007/978-3-642-27937-9_11
VL  - 7127 LNCS
ER  -