Access Control, Security, and Trust A Logical Approach [Hardcover]

Developed from the authors courses at Syracuse University and the U.S. Air Force Research Laboratory, Access Control, Security, and Trust: A Logical Approachequips readers with an access control logic they can use to specify and verify their security designs. Throughout the text, the authors use a single access control logic based on a simple propositional modal logic.

The first part of the book presents the syntax and semantics of access control logic, basic access control concepts, and an introduction to confidentiality and integrity policies. The second section covers access control in networks, delegation, protocols, and the use of cryptography. In the third section, the authors focus on hardware and virtual machines. The final part discusses confidentiality, integrity, and role-based access control.

Taking a logical, rigorous approach to access control, this book shows how logic is a useful tool for analyzing security designs and spelling out the conditions upon which access control decisions depend. It is designed for computer engineers and computer scientists who are responsible for designing, implementing, and verifying secure computer and information systems.

Access Control, Security, Trust, and Logic
Deconstructing Access Control Decisions
A Logical Approach to Access Control

PRELIMINARIES
A Language for Access Control
Sets and Relations
Syntax
Semantics

Reasoning about Access Control
Logical Rules
Formal Proofs and Theorems
Soundness of Logical Rules

Basic Concepts
Reference Monitors
Access Control Mechanisms: Tickets and Lists
Authentication

Security Policies
ConfidelóZ