Browse ORBi

- What it is and what it isn't
- Green Road / Gold Road?
- Ready to Publish. Now What?
- How can I support the OA movement?
- Where can I learn more?

ORBi

Results 1-9 of 9.
((uid:50001393))
Postulates for Revocation Schemes - Technical Report Cramer, Marcos ; Casini, Giovanni Report (2017) In access control frameworks with the possibility of delegating permissions and administrative rights, delegation chains can form. There are di erent ways to treat these delegation chains when revoking ... [more ▼] In access control frameworks with the possibility of delegating permissions and administrative rights, delegation chains can form. There are di erent ways to treat these delegation chains when revoking rights, which give rise to di erent revocation schemes. Hagstr om et al. [11] proposed a framework for classifying revocation schemes, in which the di erent revocation schemes are de ned graph-theoretically. At the outset, we identify multiple problems with Hagstr om et al.'s de nitions of the revocation schemes, which can pose security risks. This paper is centered around the question how one can systematically ensure that improved de nitions of the revocation schemes do not lead to similar problems. For this we propose to apply the axiomatic method originating in social choice theory to revocation schemes. Our use of the axiomatic method resembles its use in belief revision theory. This means that we de ne postulates that describe the desirable behaviour of revocation schemes, study which existing revocation frameworks satisfy which postulates, and show how all de ned postulates can be satis ed by de ning the revocation schemes in a novel way. [less ▲] Detailed reference viewed: 53 (9 UL)Kripke Semantics for BL0 and BL – Technical report Cramer, Marcos ; Report (2017) We describe Kripke semantics for the access control logics BL0 and BL, developed by Garg and Pfenning. Detailed reference viewed: 13 (2 UL)The Naproche system: Proof-checking mathematical texts in controlled natural language Cramer, Marcos in Sprache und Datenverarbeitung. International Journal for Language Data Processing (2016), 2014(1-2), 9-33 The Naproche system is a system for linguistically analysing and proof-checking mathematical texts written in a controlled natural language, i.e. a subset of the usual natural language of mathematical ... [more ▼] The Naproche system is a system for linguistically analysing and proof-checking mathematical texts written in a controlled natural language, i.e. a subset of the usual natural language of mathematical texts defined through a formal grammar. This paper gives an overview over the linguistic and logical techniques developed for the Naproche system. Special attention is given to the dynamic nature of quantification in natural language, to the phenomenon of implicit function introduction in mathematical texts, and to the usage of definitions for dynamically extending the language of a mathematical text. [less ▲] Detailed reference viewed: 42 (0 UL)Distributed Autoepistemic Logic and its Application to Access Control ; Cramer, Marcos ; et al in Proceedings of the Twenty-Fifth International Joint Conference on Artificial Intelligence (2016) In this paper we define and study an extension of autoepistemic logic (AEL) called distributed autoepistemic logic (dAEL) with multiple agents that have full introspection in their own knowledge as well ... [more ▼] In this paper we define and study an extension of autoepistemic logic (AEL) called distributed autoepistemic logic (dAEL) with multiple agents that have full introspection in their own knowledge as well as in that of others. This mutual full introspection between agents is motivated by an application of dAEL in access control. We define 2- and 3-valued semantic operators for dAEL. Using these operators, approximation fixpoint theory, an abstract algebraic framework that unifies different knowledge representation formalisms, immediately yields us a family of semantics for dAEL, each based on different intuitions that are well-studied in the context of AEL. The application in access control also motivates an extension of dAEL with inductive definitions (dAEL(ID)). We explain a use-case from access control to demonstrate how dAEL(ID) can be fruitfully applied to this domain and discuss how well-suited the different semantics are for the application in access control. [less ▲] Detailed reference viewed: 19 (0 UL)Resilient Delegation Revocation with Precedence for Predecessors is NP-Complete Cramer, Marcos ; ; et al in IEEE 29th Computer Security Foundations Symposium (2016) In ownership-based access control frameworks with the possibility of delegating permissions and administrative rights, chains of delegated accesses will form. There are different ways to treat these ... [more ▼] In ownership-based access control frameworks with the possibility of delegating permissions and administrative rights, chains of delegated accesses will form. There are different ways to treat these delegation chains when revoking rights, which give rise to different revocation schemes. One possibility studied in the literature is to revoke rights by issuing negative authorizations, meant to ensure that the revocation is resilient to a later reissuing of the rights, and to resolve conflicts between principals by giving precedence to predecessors, i.e.\ principals that come earlier in the delegation chain. However, the effects of negative authorizations have been defined differently by different authors. Having identified three definitions of this effect from the literature, the first contribution of this paper is to point out that two of these three definitions pose a security threat. However, avoiding this security threat comes at a price: We prove that with the safe definition of the effect of negative authorizations, deciding whether a principal does have access to a resource is an NP-complete decision problem. We discuss two limitations that can be imposed on an access-control system in order to reduce the complexity of the problem back to a polynomial complexity: Limiting the length of delegation chains to an integer m reduces the runtime complexity of determining access to O(n^m), and requiring that principals form a hierarchy that graph-theoretically forms a rooted tree makes this decision problem solvable in quadratic runtime. Finally we discuss an approach that can mitigate the complexity problem in practice without fully getting rid of NP-completeness. [less ▲] Detailed reference viewed: 10 (0 UL)A logical approach to restricting access in online social networks Cramer, Marcos ; Pang, Jun ; Zhang, Yang in Proceedings of the 20th ACM Symposium on Access Control Models and Technologies (2015) Detailed reference viewed: 55 (7 UL)A Logic of Trust for Reasoning about Delegation and Revocation Cramer, Marcos ; Ambrossio, Diego Agustin ; in Proceedings of the 20th ACM Symposium on Access Control Models and Technologies (2015) Detailed reference viewed: 39 (6 UL)Modelling the usage of partial functions and undefined terms using presupposition theory Cramer, Marcos in Geschke, Stefan; Loewe, Benedikt; Schlicht, Philipp (Eds.) Infinity, Computability and Metamathematics – Festschrift celebrating the 60th birthdays of Peter Koepke and Philip Welch (2014) We describe how the linguistic theory of presuppositions can be used to analyse and model the usage of partial functions and undefined terms in mathematical texts. We compare our account to other accounts ... [more ▼] We describe how the linguistic theory of presuppositions can be used to analyse and model the usage of partial functions and undefined terms in mathematical texts. We compare our account to other accounts of partial functions and undefined terms, showing how our account models the actual usage of partial functions and undefined terms more faithfully than existing accounts. The model described in this paper has been developed for the Naproche system, a computer system for proof-checking mathematical texts written in controlled natural language, and has largely been implemented in this system. [less ▲] Detailed reference viewed: 44 (11 UL)Modelling implicit dynamic introduction of function symbols in mathematical texts Cramer, Marcos in de Paiva, Valeria; et al. (Eds.) Joint Proceedings of the Second Workshop on Natural Language and Computer Science (NLCS’14) & 1st International Workshop on Natural Language Services for Reasoners (NLSR 2014) Affliated to RTA-TLCA, VSL 2014 July 17-18, 2014 Vienna, Austria. (2014) The specialized language of mathematics has a number of linguistically and logically interesting features. One of them, which to our knowledge has not been systematically studied before, is the implicit ... [more ▼] The specialized language of mathematics has a number of linguistically and logically interesting features. One of them, which to our knowledge has not been systematically studied before, is the implicit dynamic introduction of function symbols, exemplified by constructs of the form "for every x there is an f(x) such that ...". We present an extension of Groenendijk and Stokhof's Dynamic Predicate Logic – Typed Higher-Order Dynamic Predicate Logic – which formally models this feature of the language of mathematics. Furthermore, we illustrate how the implicit dynamic introduction of function symbols is treated in the proof checking algorithm of the Naproche system. [less ▲] Detailed reference viewed: 36 (2 UL) |
||