Document Type: thesis
Author Name: Giannakopoulos, Theophilos John
Email Address: tgiannak at alum.wpi.edu
URN: etd-022112-163738
Title: Multi-Decision Policy and Policy Combinator Specifications
Degree: MS
Department: Computer Science
Advisors: Daniel Dougherty, Advisor; Joshua Guttman, Reader; Craig Wills, Department Head
Keywords: formal methods access control policy combinators policies specifications Margrave
Date of Presentation/Defense: 2012-02-27
Availability: unrestricted
Margrave is a specification language and analysis tool for access control policies with semantics based in order-sorted logic. The clear logical roots of Margrave's semantics make policies specified in the Margrave language both machine analyzable and relatively easy for users to reason about. However, the decision conflict resolution declaration and policy set features of Margrave do not have semantics that are as cleanly rooted in order-sorted logic as Margrave policies and queries are. Additionally, the current semantics of decision conflict resolution declarations and of policy sets do not permit users to take full advantage of the multi-decision capabilities of Margrave policies.
The purposes of this thesis are (i) to provide a unified extension to the semantics for policies and policy combination, (ii) to cleanly support decision conflict resolution mechanisms in a general way within those semantics and (iii) to provide insight into the properties of policy combination and decision conflict resolution for multi-decision policies in general. These goals are achieved via the realization that policy combinators may be treated as policies operating within environments extended with the results of the policies to be combined, allowing policy combinators to be defined as if they were policies. The ability to treat policy combinators as policies means that users' current understanding of policies can be easily extended to policy combinators. Additionally, the tools that Margrave has for supporting policies can be leveraged as the Margrave language and analysis tool grow to provide fuller support for policy combination and rule conflict resolution declarations.