| Issue |
MATEC Web Conf.
Volume 210, 2018
22nd International Conference on Circuits, Systems, Communications and Computers (CSCC 2018)
|
|
|---|---|---|
| Article Number | 04053 | |
| Number of page(s) | 6 | |
| Section | Computers | |
| DOI | https://doi.org/10.1051/matecconf/201821004053 | |
| Published online | 05 October 2018 | |
Trilattice-Based Access Control Models: How to Secure Current Computer Network
Siberian Federal University, School of Space and Information Technologies, 660074 26B Kirenskogo Krasnoyarsk, Russia
* Corresponding author: mkucherov@sfu-kras.ru
Designing security, from the hardware level, is essential to ensure the integrity of the intelligent cyber-physical infrastructure that is the Industrial Internet of Things (IIoT). If intelligent cyber-physical infrastructure fails to do the right things because it is insecure and vulnerable, then there will be negative social consequences [1]. Security is, in a sense, the access control to IIoT systems, which increasingly relies on the ability to compose different policies. Therefore, the advantage in any framework for compiling policies is that it is intuitive, formal, expressive, application-independent, as well as expandable to create domain-specific instances. Recently, such a scheme was proposed based on Belnap logic FOUR2 [2]. Four values of the Belnap bilattice have been interpreted as grant, deny, conflict, or unspecified with respect to access-control policy. Belnap’s four-valued logic has found a variety of applications in various fields, such as deductive database theory, distributed logic programming, and other areas. However, it turns out that the truth order in FOUR2 is a truth-and-falsity order at the same time [3]. The smallest lattice, where the orders of truth and falsity are independent of each other, which is especially important for security policy, is that of Shramko-Wansing’s SIXTEEN3. This generalization is well-motivated and leads from the bilattice FOUR2 with an information and a truth-and-falsity ordering to another algebraic structure, namely the trilattice SIXTEEN3 with an information ordering together with a truth ordering and a (distinct) falsity ordering.Based onSIXTEEN3 and new Boolean predicates to control access [4], we define an expressive access-control policy language, having composition statements based on the statements of Schramko-Wansing’s logic. Natural orderings on politics are obtained by independent lifting the orders of truth and falsity of trilattice, which results in a query language in which conflict freedom analysis can be developed. The reduction of formal verification of queries to that on predicates over access requests enables to carry out policy analysis. We evaluate our approach through examples of control access model policy.
© The Authors, published by EDP Sciences, 2018
This is an Open Access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.
Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.
Initial download of the metrics may take a while.