Skip to main content
SpringerLink
Log in
Book cover

E-Commerce Security and Privacy pp 133–159Cite as

Provisional Authorizations

  • Chapter

Part of the book series: Advances in Information Security ((ADIS,volume 2))

Abstract

Past generations of access control systems, when faced with an access request, have issued a “yes” (resp. “no”) answer to the access request resulting in access being granted (resp. denied). In this chapter, we ar­gue that for the world’s rapidly proliferating business to business (B2B) applications and auctions, “yes/no” responses are just not enough. We propose the notion of a “provisional authorization” which intuitively says “You may perform the desired access provided you cause condition C to be satisfied.” For instance, a user accessing an online brokerage may receive some information if he fills out his name/address, but not otherwise. While a variety of such provisional authorization mecha­nisms exist on the web, they are all hardcoded on an application by application basis. We show that given (almost) any logic L, we may define a provisional authorization specification language pASLL. pASLL is based on the declarative, polynomially evaluable authorization spec­ification language ASL proposed by Jajodia et al [JSS97]. We define programs in pASLL, and specify how given any access request, we must find a “weakest” precondition under which the access can be granted (in the worst case, if this weakest precondition is “false” this amounts to a denial). We develop a model theoretic semantics for pASLL and show how it can be applied to online sealed-bid auction servers and online contracting.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. K. Arisha, T. Eiter, S. Kraus, F. Ozcan, R. Ross, and V. S. Subrahmanian. IMPACT: Interactive Maryland Platform for Agents Collaborating Together. IEEE Intelligent Systems, pages 64–72, March 1999.

    Google Scholar 

  2. M. Blaze, J. Feigenbaum, J. Ioannidis, and A. Keromytis. The KeyNote trust management system (version 2). Technical report, In­ternet RFC,http://www.cis.upenn.edu/angelos/Papers/rfcnnnn.txt

  3. M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proc. IEEE Symp. on Security and Privacy, pages 164–173, May 1996.

    Google Scholar 

  4. D. F. C. Brewer and M. J. Nash. The Chinese wall security pol­icy. In Proc. Symp. on Security and Privacy, pages 215–228, Oakland, CA, May 1989.

    Google Scholar 

  5. Silvana Castano, Mariagrazia Fugini, Giancarlo Martella, and Pierangela Samarati. Database Security. Addison-Wesley, Read­ing, MA, 1994.

    Google Scholar 

  6. Dorothy E. Denning. Cryptography and Data Security. Addison-Wesley, Reading, MA, 1983.

    Google Scholar 

  7. M. K. Franklin and M. K. Reiter. The design and implementa­tion of a secure auction service. IEEE Trans. on Software Engineering,22(5):302–312, May 1996.

    Article  Google Scholar 

  8. Sushil Jajodia, Pierangela Samarati, and V. S. Subrahmanian. A logical language for expressing authorizations. In Proc. IEEE Symp. on Security and Privacy, pages 31–42, Oakland, CA, May 1997.

    Google Scholar 

  9. [] Sushil Jajodia, Pierangela Samarati, V. S. Subrahmanian, and Elisa Bertino. A unified framework for enforcing multiple access con­trol policies. In Proc. ACM SIGMOD Int’l. Conf. on Management of Data, pages 474–485, Tucson, AZ, May 1997.

    Google Scholar 

  10. [] Manoj Kumar and Stuart I. Feldman. Internet auctions. In Third USENIX Workshop on Electronic Commerce, 1998.

    Google Scholar 

  11. Charlie Kaufman, Radia Perlman, and Make Speciner. Network Security: Private Communication in a Public World. Prentice—Hall, Englewood Cliffs, NJ, 1995.

    Google Scholar 

  12. Michiharu Kudo. Secure electronic sealed-bid auction protocol with public key cryptography. IEICE Transactions on Fundamentals of Electronics,Communications and Computer Sciences, E81-A(1), January 1998.

    Google Scholar 

  13. J. W. Lloyd. Foundations of Logic Programming. Springer, 1987.

    Google Scholar 

  14. Paul Milgrom. Auctions and bidding: A primer. Journal of Economic Perspectives, 3(3):3–22, Summer 1989.

    Google Scholar 

  15. R.P McAfee and John McMillan. Auctions and bidding. Jour­nal of Economic Literature, 25(2):699–738, June 1987.

    Google Scholar 

  16. T. Przymusinski. On the declarative semantics of deductive databases and logic programs In J. Minker, editor, Foundations of deductive databases,pages 193–216. Morgan Kaufmann, San Mateo, 1988.

    Google Scholar 

  17. [] J. Shoenfield. Mathematical Logic. Addison Wesly, 1967.

    Google Scholar 

  18. J. G. Stener, B. C. Neuman, and J. I. Schiller. Kerberos: An authentication service for open network systems. In Proc. USENIX Conf., February 1988.

    Google Scholar 

  19. David Vickrey. Counter speculation, auctions, and competitive sealed tenders. Journal of Finance, pages 9–37, March 1961.

    Google Scholar 

  20. Thomas Y. C. Woo and Simon S. Lam. Authorizations in dis­tributed systems: A new approach. Journal of Computer Security, 2(2,3):107–136, 1993.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030-4444

    Sushil Jajodia

  2. Tokyo Research Laboratory, IBM Japan Ltd, 1623-14, Shimotsuruma, Yamato-shi, 242-8502, Japan

    Michiharu Kudo

  3. Institute for Advanced Computer Studies Institute for Systems Research and Department of Computer Science, University of Maryland, College Park, Maryland, 20742

    V. S. Subrahmanian

Authors
  1. Sushil Jajodia
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Michiharu Kudo
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. V. S. Subrahmanian
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Cigital, Inc., USA

    Anup K. Ghosh

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer Science+Business Media New York

About this chapter

Cite this chapter

Jajodia, S., Kudo, M., Subrahmanian, V.S. (2001). Provisional Authorizations. In: Ghosh, A.K. (eds) E-Commerce Security and Privacy. Advances in Information Security, vol 2. Springer, Boston, MA. https://doi.org/10.1007/978-1-4615-1467-1_8

Download citation

  • DOI: https://doi.org/10.1007/978-1-4615-1467-1_8

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-1-4613-5568-7

  • Online ISBN: 978-1-4615-1467-1

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation