Abstract: Security language constructs may be translated into logic language constructs and vice versa. Logic resolution may be effected using, for example, the logic language constructs. In an example implementation, translation of a security language assertion into at least one logic language rule is described. In another example implementation, translation of a proof graph reflecting a logic language into a proof graph reflecting a security language is described. In yet another example implementation, evaluation of a logic language program using a deterministic algorithm is described.

Abstract: A security language expresses assertions and authorization queries in a manner that facilitates logic resolution. In an example implementation, assertion syntax and authorization query syntax are described. In another example implementation, checks on the safety of assertions and authorization queries are described. In yet another example implementation, semantics rules are described.

Abstract: Software tools assist an access-policy analyst or creator to debug and/or author access policies. An access request contains a query that evaluates to either true or false depending on whether access is to be allowed. Abduction may be used to generate assumptions that, if true, would cause the access request to be true. The tool may perform analysis on the generated assumptions, such as: comparing the assumptions with tokens to detect errors in the tokens or to suggest changes to the tokens that would cause the query to be satisfied, or comparing the assumptions to a meta-policy. The tool may allow an analysis, policy author, or other person to interactively walk through assumptions in order to see the implications of the access policy.

Abstract: Security language constructs may be translated into logic language constructs and vice versa. Logic resolution may be effected using, for example, the logic language constructs. In an example implementation, translation of a security language assertion into at least one logic language rule is described. In another example implementation, translation of a proof graph reflecting a logic language into a proof graph reflecting a security language is described. In yet another example implementation, evaluation of a logic language program using a deterministic algorithm is described.

Abstract: Security language constructs may be translated into logic language constructs and vise versa. Logic resolution may be effected using, for example, the logic language constructs. In an example implementation, translation of a security language assertion into at least one logic language rule is described. In another example implementation, translation of a proof graph reflecting a logic language into a proof graph reflecting a security language is described. In yet another example implementation, evaluation of a logic language program using a deterministic algorithm is described.

Abstract: Access to a resource may be controlled by a policy, such that a request to access the resource is either granted or denied based on what assertions have been made by various principals. To find the assertions that support a grant of access to the resource, a template may be created that defines the nature of assertions that would cause access to succeed. Assertions may be stored in the form of tokens. The template may be used to search an existing token store to find assertions that have been made, and/or to generate assertions that have not been found in the token store and that would satisfy the template. The assertions in the template may be created by performing an abductive reasoning process on an access query.

Abstract: In an example implementation, a bifurcated security scheme has a first level that does not allow usage of negations and a second level that does permit usage of negations. In another example implementation, an authorization query table maps respective resource-specific operations to respective associated authorization queries. In yet another example implementation, authorization queries are permitted to have negations, but individual assertions are not.

Abstract: Architecture that employs dynamic assertion providers in logic-based security policy languages. The dynamic assertion providers provide a mechanism by which data can be processed in an efficient, goal-directed manner. The application of dynamic assertion providers enables the inferencing over type hierarchies, including hierarchies of personally identifiable information and also for file systems which are hierarchal in nature. When searching for facts to bind against for a given subgoal, dynamic assertion providers are also queried. These objects follow an interface which can implement an arbitrary method to provide facts to the logic engine in a goal-directed, on-demand manner. Hierarchical types can be implemented using a hierarchy provider.

Abstract: The delegation of rights may be controlled in a number of manners. In an example implementation, a delegation authority assertion is formulated with a delegator principle, a delegatee principal, a verb phrase, a resource, and a delagation-directive verb. In another example implementation, a delegation mechanism involving an assertor, a first principal, and a second principal enables a delegation to be specifically controlled. In yet another example implementation, a chained delegation mechanism enables explicit control of a permitted transitive chaining depth.

Abstract: In an example implementation, a bifurcated security scheme has a first level that does not allow usage of negations and a second level that does permit usage of negations. In another example implementation, an authorization query table maps respective resource-specific operations to respective associated authorization queries. In yet another example implementation, authorization queries are permitted to have negations, but individual assertions are not.

Abstract: Security assertion revocation enables a revocation granularity in a security scheme down to the level of individual assertions. In an example implementation, a security token includes multiple respective assertions that are associated with multiple respective assertion identifiers. More specifically, each individual assertion is associated with at least one individual assertion identifier.

Abstract: Architecture that employs dynamic assertion providers in logic-based security policy languages. The dynamic assertion providers provide a mechanism by which data can be processed in an efficient, goal-directed manner. The application of dynamic assertion providers enables the inferencing over type hierarchies, including hierarchies of personally identifiable information and also for file systems which are hierarchal in nature. When searching for facts to bind against for a given subgoal, dynamic assertion providers are also queried. These objects follow an interface which can implement an arbitrary method to provide facts to the logic engine in a goal-directed, on-demand manner. Hierarchical types can be implemented using a hierarchy provider.

Abstract: A logic language model for handling of personal data by specifying users' preferences on how their personal data should be treated by data-collecting services and the services' policies on how they will treat collected data is provided. Preferences and policies are specified in terms of granted rights and required obligations, expressed as declarative assertions and queries. Query evaluation is formalized by a proof system for verifying whether a policy satisfies a preference is defined.

Abstract: In an example implementation, a bifurcated security scheme has a first level that does not allow usage of negations and a second level that does permit usage of negations. In another example implementation, an authorization query table maps respective resource-specific operations to respective associated authorization queries. In yet another example implementation, authorization queries are permitted to have negations, but individual assertions are not.

Abstract: Logical abduction is used to derive the premises that support an access query. In a logic-based access-control system, a query, as to one or more principals' right to access one or more resources, is a statement that can be either true or false. The statement evaluates to true if the principal is allowed to access the resource under the existing set of assertions. Assertions that, if made, would cause the statement to be true can be abduced from the query and from the policy against which the truth of the query is to be judged. The abduced assertions can be used to assist in making the appropriate assertions to cause the query to evaluate to true so that access to the resource can be granted.

Abstract: Credentials may be gathered to support an access request. In one example, a template describes the credentials to be gathered. A set of credential providers may be consulted, in a particular sequence, to provide the credentials. Credentials may contain variables, and each credential provider may impose its own constraints on the values to be assigned to the variables. Instantiation of the variables may be deferred to a downstream credential provider, thereby allowing each credential provider to specify its constraints on the variables before specific values for the variables are chosen. In one example, an instantiation fact (or “inst fact”) is used to represent the deferred instantiation. A provider may use an inst fact to make its credentials conditional on the instantiation of the variables that the credential contains, where some downstream provider may attempt to instantiate the variables to specific values.

Abstract: Whether user-side privacy preferences and service-side privacy policies are matched is determined utilizing an extended security policy assertion language. Both privacy policies, i.e. how data recipients promise to treat data, and privacy preferences, i.e. how data providers expect their data to be treated, are expressed with the same language. Decisions are made through evaluation of queries based on preference and policy assertions.

Abstract: Software tools assist an access-policy analyst or creator to debug and/or author access policies. An access request contains a query that evaluates to either true or false depending on whether access is to be allowed. Abduction may be used to generate assumptions that, if true, would cause the access request to be true. The tool may perform analysis on the generated assumptions, such as: comparing the assumptions with tokens to detect errors in the tokens or to suggest changes to the tokens that would cause the query to be satisfied, or comparing the assumptions to a meta-policy. The tool may allow an analysis, policy author, or other person to interactively walk through assumptions in order to see the implications of the access policy.

Abstract: Logical abduction is used to derive the premises that support an access query. In a logic-based access-control system, a query, as to one or more principals' right to access one or more resources, is a statement that can be either true or false. The statement evaluates to true if the principal is allowed to access the resource under the existing set of assertions. Assertions that, if made, would cause the statement to be true can be abduced from the query and from the policy against which the truth of the query is to be judged. The abduced assertions can be used to assist in making the appropriate assertions to cause the query to evaluate to true so that access to the resource can be granted.

Abstract: Access to a resource may be controlled by a policy, such that a request to access the resource is either granted or denied based on what assertions have been made by various principals. To find the assertions that support a grant of access to the resource, a template may be created that defines the nature of assertions that would cause access to succeed. Assertions may be stored in the form of tokens. The template may be used to search an existing token store to find assertions that have been made, and/or to generate assertions that have not been found in the token store and that would satisfy the template. The assertions in the template may be created by performing an abductive reasoning process on an access query.