Abstract
In this paper, the authors propose a formal logic technique to protect information systems. As the widespread use of computer systems grows, the security of the information stored in such systems has become more important. As a security mechanism, authorization or access control ensures that all accesses to the system resources occur exclusively according to the access polices and rules specified by the system security agent. Authorization specification has been widely studied and a variety of approaches have been investigated. The authors propose a formal language with modal logic to specify the system security policies. The authors also provide the reasoning in response to system access requests, especially in situations where the security agent’s knowledge base is incomplete. The semantics of this language is provided by translating it into epistemic logic program in which knowledge related modal operators are employed to represent agents’ knowledge in reasoning. The authors demonstrate how this approach handles the situation where the security agent’s knowledge on access decision is incomplete. The proposed mechanism effectively prevents unauthorized and malicious access to information systems.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
