{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:29:26Z","timestamp":1750307366674,"version":"3.41.0"},"reference-count":58,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2010,7,1]],"date-time":"2010-07-01T00:00:00Z","timestamp":1277942400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Inf. Syst. Secur."],"published-print":{"date-parts":[[2010,7]]},"abstract":"<jats:p>Administering and maintaining access control systems is a challenging task, especially in environments with complex and changing authorization requirements. A number of authorization logics have been proposed that aim at simplifying access control by factoring the authorization policy out of the hard-coded resource guard. However, many policies require the authorization state to be updated after a granted access request, for example, to reflect the fact that a user has activated or deactivated a role. Current authorization languages cannot express such state modifications; these still have to be hard-coded into the resource guard. We present a logic for specifying policies where access requests can have effects on the authorization state. The logic is semantically defined by a mapping to Transaction Logic. Using this approach, updates to the state are factored out of the resource guard, thus enhancing maintainability and facilitating more expressive policies that take the history of access requests into account. We also present a sound and complete proof system for reasoning about sequences of access requests. This gives rise to a goal-oriented algorithm for finding minimal sequences that lead to a specified target authorization state.<\/jats:p>","DOI":"10.1145\/1805974.1805976","type":"journal-article","created":{"date-parts":[[2010,8,2]],"date-time":"2010-08-02T13:15:22Z","timestamp":1280754922000},"page":"1-28","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":16,"title":["A logic for state-modifying authorization policies"],"prefix":"10.1145","volume":"13","author":[{"given":"Moritz Y.","family":"Becker","sequence":"first","affiliation":[{"name":"Microsoft Research, Cambridge UK"}]},{"given":"Sebastian","family":"Nanz","sequence":"additional","affiliation":[{"name":"Technical University of Denmark, Lyngby, Denmark"}]}],"member":"320","published-online":{"date-parts":[[2010,7,30]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/155183.155225"},{"key":"e_1_2_1_2_1","unstructured":"Abiteboul S. Hull R. and Vianu V. 1995. Foundations of Databases. Addison-Wesley Upper Saddle River NJ.   Abiteboul S. Hull R. and Vianu V. 1995. Foundations of Databases. Addison-Wesley Upper Saddle River NJ."},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/308386.308448"},{"volume-title":"Proceedings of the International Workshop on Policies for Distributed Systems and Networks. IEEE","author":"Bandara A. K.","key":"e_1_2_1_4_1"},{"volume-title":"Cassandra: Flexible trust management and its application to electronic health records. Tech. rep. UCAM-CL-TR-648, Computer Laboratory","year":"2005","author":"Becker M. Y.","key":"e_1_2_1_5_1"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijmedinf.2006.09.008"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2007.18"},{"volume-title":"Proceedings of the 12th European Conference on Research in Computer Security. Springer","author":"Becker M. Y.","key":"e_1_2_1_8_1"},{"volume-title":"Proceedings of the 10th International Symposium on Practical Aspects of Declarative Languages. Springer","author":"Becker M. Y.","key":"e_1_2_1_9_1"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.5555\/1009380.1009672"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/293910.293151"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/605434.605437"},{"volume-title":"Proceedings of the International Seminar on Logic Databases and the Meaning of Change, Transactions and Change in Logic Databases. MIT Press","author":"Bertino E.","key":"e_1_2_1_13_1"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1017\/S1471068400001034"},{"volume-title":"Proceedings of the Symposium on Security and Privacy. IEEE","author":"Blaze M.","key":"e_1_2_1_15_1"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/303976.304005"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1016\/0304-3975(94)90190-2"},{"volume-title":"Proceedings of the International Seminar on Logic Databases and the Meaning of Change, Transactions and Change in Logic Databases. MIT Press","author":"Bonner A. J.","key":"e_1_2_1_18_1"},{"volume-title":"Proceedings of the Symposium on Security and Privacy. IEEE","author":"Brewer D. F. C.","key":"e_1_2_1_19_1"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1109\/69.43410"},{"volume-title":"Proceedings of the 9th European Symposium on Research Computer Security. Springer","author":"Chen S.","key":"e_1_2_1_21_1"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/227595.227597"},{"key":"e_1_2_1_23_1","unstructured":"ContentGuard. 2001. eXtensible rights Markup Language (XrML) 2.0 specification part II: Core schema. ContentGuard. http:\/\/www.xrml.org.  ContentGuard. 2001. eXtensible rights Markup Language (XrML) 2.0 specification part II: Core schema. ContentGuard. http:\/\/www.xrml.org."},{"volume-title":"Proceedings of the International Workshop on Policies for Distributed Systems and Networks. Springer","author":"Damianou N.","key":"e_1_2_1_24_1"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.5555\/829514.830540"},{"volume-title":"Proceedings of the Symposium on Logic Programming. Springer","year":"1987","author":"Dietrich S. W.","key":"e_1_2_1_26_1"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/11814771_51"},{"volume-title":"Proceedings of the 15th NIST-NCSC National Computer Security Conference. ACM","author":"Ferraiolo D.","key":"e_1_2_1_28_1"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1062455.1062502"},{"volume-title":"Proceedings of the Computer Security Foundations Workshop. IEEE","author":"Halpern J. Y.","key":"e_1_2_1_30_1"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/360303.360333"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1069774.1069790"},{"volume-title":"Proceedings of the Computer Security Foundations Workshop. IEEE","author":"Jha S.","key":"e_1_2_1_33_1"},{"key":"e_1_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.5555\/882495.884431"},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1093\/logcom\/2.6.719"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/111197.111208"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF03037383"},{"key":"e_1_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/138873.138874"},{"volume-title":"Proceedings of the Symposium on Security and Privacy. IEEE","author":"Li N.","key":"e_1_2_1_39_1"},{"volume-title":"Proceedings of the International Symposium on Practical Aspects of Declarative Languages. Springer","author":"Li N.","key":"e_1_2_1_40_1"},{"volume-title":"Proceedings of the Symposium on Security and Privacy. IEEE","author":"Li N.","key":"e_1_2_1_41_1"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/1066100.1066103"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/990036.990058"},{"key":"e_1_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1021806000372"},{"volume-title":"Proceedings of the Workshop on Foundations of Deductive Databases and Logic Programming","author":"Manchanda S.","key":"e_1_2_1_45_1"},{"key":"e_1_2_1_46_1","unstructured":"Naqvi S. and Tsur S. 1989. A Language for Data and Knowledge Bases. Computer Science Press Rockville MD.   Naqvi S. and Tsur S. 1989. A Language for Data and Knowledge Bases. Computer Science Press Rockville MD."},{"key":"e_1_2_1_47_1","unstructured":"National Health Service UK. 2003. Integrated Care Records Service: Output-based specification version 2. http:\/\/www.dh.gov.uk\/en\/Publicationsandstatistics\/Publications\/PublicationsPolicyAndGuidance\/DH_4118312.  National Health Service UK. 2003. Integrated Care Records Service: Output-based specification version 2. http:\/\/www.dh.gov.uk\/en\/Publicationsandstatistics\/Publications\/PublicationsPolicyAndGuidance\/DH_4118312."},{"key":"e_1_2_1_48_1","unstructured":"OASIS. 2005. eXtensible Access Control Markup Language (XACML) Version 2.0 core specification. http:\/\/www.oasis-open.org\/committees\/tc_home.php?wg_abbrev=xacml.  OASIS. 2005. eXtensible Access Control Markup Language (XACML) Version 2.0 core specification. http:\/\/www.oasis-open.org\/committees\/tc_home.php?wg_abbrev=xacml."},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/EEE.2005.121"},{"volume-title":"Proceedings of the International Conference on Foundations of Software Science and Computation Structures. Springer","author":"Pucella R.","key":"e_1_2_1_50_1"},{"volume-title":"Proceedings of the 18th International Conference on Logic Programming (ICLP). Springer","author":"Russo A.","key":"e_1_2_1_51_1"},{"key":"e_1_2_1_52_1","doi-asserted-by":"publisher","DOI":"10.1145\/266741.266752"},{"key":"e_1_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSFW.2006.22"},{"volume-title":"Proceedings of the International Joint Conference on Artificial Intelligence","year":"1989","author":"Shanahan M.","key":"e_1_2_1_54_1"},{"volume-title":"Proceedings of the Computer Security Foundations Workshop. IEEE","author":"Simon R. T.","key":"e_1_2_1_55_1"},{"volume-title":"Proceedings of the 3rd International Conference on Logic Programming. MIT Press","author":"Tamaki H.","key":"e_1_2_1_56_1"},{"key":"e_1_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1009799613661"},{"key":"e_1_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1145\/1029133.1029140"}],"container-title":["ACM Transactions on Information and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1805974.1805976","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1805974.1805976","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T11:22:42Z","timestamp":1750245762000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1805974.1805976"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,7]]},"references-count":58,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2010,7]]}},"alternative-id":["10.1145\/1805974.1805976"],"URL":"https:\/\/doi.org\/10.1145\/1805974.1805976","relation":{},"ISSN":["1094-9224","1557-7406"],"issn-type":[{"type":"print","value":"1094-9224"},{"type":"electronic","value":"1557-7406"}],"subject":[],"published":{"date-parts":[[2010,7]]},"assertion":[{"value":"2008-06-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2009-07-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2010-07-30","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}