A logic for reasoning about security

1 August 1992

journal article
Published by Association for Computing Machinery (ACM) in ACM Transactions on Computer Systems

Vol. 10 (3), 226-264
https://doi.org/10.1145/146937.146940

Abstract

A formal framework called Security Logic ( SL ) is developed for specifying and reasoning about security policies and for verifying that system designs adhere to such policies. Included in this modal logic framework are definitions of knowledge, permission, and obligation . Permission is used to specify secrecy policies and obligation to specify integrity policies. The combination of policies is addressed and examples based on policies from the current literature are given.

Keywords

This publication has 12 references indexed in Scilit:

A logic of knowledge and belief for reasoning about computer security
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2003
Obligation as the basis of integrity specification
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2003
Reasoning about knowledge in multilevel secure distributed systems
Published by Institute of Electrical and Electronics Engineers (IEEE) ,2003
The SeaView security model
IEEE Transactions on Software Engineering, 1990
A logic of authentication
ACM Transactions on Computer Systems, 1990
Stating security requirements with tolerable sets
ACM Transactions on Computer Systems, 1988
The development and proof of a formal specification for a multilevel secure system
ACM Transactions on Computer Systems, 1987
Formal Models for Computer Security
ACM Computing Surveys, 1981
The temporal semantics of concurrent programs
Theoretical Computer Science, 1981
A lattice model of secure information flow
Communications of the ACM, 1976

Cited by 64 articles