BelLog

BelLog is a four-valued logic programming language for constructing policy languages with delegation and composition operators. BelLog is an extension of stratified Datalog, where the truth values come from Belnap’s four-valued logic.

Papers:

Title: DownloadDecentralized Composite Access Control (PDF, 656 KB) (POST'14)

Authors: Petar Tsankov, Srdjan Marinovic, Mohammad Torabi Dashti, and David Basin

Software:

Fail-Secure Access Control

Decentralized and distributed access control systems are subject to communication and component failures. These can affect access decisions in surprising and unintended ways, resulting in insecure systems. BelLog can be used to specify an access control policy together with the failure-handling implemented in the Policy Decision Point (PDP) used to evaluate the policy. The PDP's behavior can be analyzed with respect to fail-security requirements, i.e. the requirements that describe how failures should be handled, using BelLog's analysis framework.

Papers:

Title: DownloadFail-Secure Access Control (PDF, 781 KB) (CCS'14)

Authors: Petar Tsankov, Srdjan Marinovic, Mohammad Torabi Dashti, and David Basin

Software:

Github page: external pagehttp://github.com/ptsankov/bellog-analysis
Source code: Downloadbellog-analysis (BZ2, 16 KB)
DownloadREADME (MD, 2 KB)