DKAL: Distributed-Knowledge Authorization Language

8 years 8 months ago
DKAL: Distributed-Knowledge Authorization Language
DKAL is a new declarative authorization language for distributed systems. It is based on existential fixed-point logic and is considerably more expressive than existing authorization languages in the literature. Yet its query algorithm is within the same bounds of computational complexity as e.g. that of SecPAL. DKAL’s communication is targeted which is beneficial for confidentiality, security, and liability protection. DKAL enables flexible use of functions; in particular principals can quote (to other principals) whatever has been said to them. DKAL strengthens the trust delegation mechanism of SecPAL. A novel information order contributes to succinctness. DKAL introduces a semantic safety condition that guarantees the termination of the query algorithm.
Yuri Gurevich, Itay Neeman
Added 29 May 2010
Updated 29 May 2010
Type Conference
Year 2008
Where CSFW
Authors Yuri Gurevich, Itay Neeman
Comments (0)