Reference from ESORICS proceedings

First European Symposium On Research In Computer Security (ESORICS 90)

An Epistemic and Deontic Logic for Reasoning about Computer Security

F. Cuppens

Keywords : security model, formal logic, modal logic

Abstract : We suggest in this paper a logical approach to security using several modal logics: - an epistemic logic to allow representation of user's knowledge. - a deontic logic to represent what each user is permitted to know. - a temporal logic to represent how knowledge and permission to know change over time. We use then these logics to define formally the security in a computer. This logical formalism provide equally a formal method to express several security policies, especially, multilevel and discretionary security policies. We can then bring out sufficient conditions for such security policies and, we can prove that these conditions really ensure the security. Finally, the approach we propose should enable to represent particular systems and to verify some implementation aspects.

(Pages 135-145)

Proceedings table of contents