CCIS Colloquium Spring 2005
Reasoning about Security Policies
Speaker: Vicky Weissman
Cornell University
Date: March 25, 2005
Talk: 11:00am, 366 WVH
Abstract
An authorization policy says that an action is permitted or forbidden if certain conditions hold. For example, in the James Bond movies, the British Secret Service (MI6) has the policy 'an agent may assassinate people (i.e., has a license to kill) if the agent's number begins with "00"'. Our goal is to answer questions about what is and is not allowed by a set of policies.
For example, we might want to know if James Bond, who is Agent 007, may apply for a British passport, given MI6's policy and the British government policies 'British subjects may not assassinate one another' and 'only British subjects may apply for British passports'.
In this talk, I show that the policies forbid James to apply for a passport. To handle a wide range of policies and queries, I also present a fragment of first-order logic that Joe Halpern and I discovered; if the policies are written in the fragment, then we can answer queries in a provably correct way and in time that is quadratic in the size of the query. I finish the talk by discussing the impact our work has had on an industry-sponsored language called XrML.
Biography
Vicky Weissman is graduating this August from Cornell University. Her work has been strongly influenced by both the formal methods community that she now calls home and the engineering community where her professional activities began with a B.S. in Electrical Engineering and a few years' experience in industry as first a hardware and then a software engineer.
Vicky's advisor is Joe Halpern.