Link to the University of Pittsburgh Homepage
Link to the University Library System Homepage Link to the Contact Us Form

Defeasible security policy composition for web services

Lee, AJ and Boyer, JP and Olson, LE and Gunter, CA (2006) Defeasible security policy composition for web services. In: UNSPECIFIED UNSPECIFIED, 45 - 54. ISBN UNSPECIFIED

[img] Plain Text (licence)
Available under License : See the attached license file.

Download (1kB)


The ability to automatically compose security policies created by multiple organizations is fundamental to the development of scalable security systems. The diversity of policies leads to conflicts and the need to resolve priorities between rules. In this paper we explore the concept of defeasible policy composition, wherein policies are represented in defeasible logic and composition is based on rules for non-monotonic inference. This enables policy writers to assert rules tentatively; when policies are composed the policy with the firmest position takes precedence. In addition, the structure of our policies allows for composition to occur using a single operator; this allows for entirely automated composition. We argue that this provides a practical system that can be understood by typical policy writers, analyzed rigorously by theoreticians, and efficiently automated by computers. We aim to partially validate these claims here with a formulation of defeasible policy composition for web services, an emerging foundation for B2B commerce on the World Wide Web. Copyright 2006 ACM.


Social Networking:
Share |


Item Type: Book Section
Status: Published
CreatorsEmailPitt UsernameORCID
Lee, AJadamlee@pitt.eduADAMLEE
Boyer, JP
Olson, LE
Gunter, CA
Date: 1 December 2006
Date Type: Publication
Journal or Publication Title: Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06
Page Range: 45 - 54
DOI or Unique Handle: 10.1145/1180337.1180342
Schools and Programs: Dietrich School of Arts and Sciences > Computer Science
Refereed: Yes
Date Deposited: 28 Nov 2012 22:38
Last Modified: 02 Feb 2019 16:56


Monthly Views for the past 3 years

Plum Analytics

Actions (login required)

View Item View Item