Title Security language expressions for logic resolution
Abstract A security language expresses assertions and authorization queries in a manner that facilitates logic resolution. In an example implementation, assertion syntax and authorization query syntax are described. In another example implementation, checks on the safety of assertions and authorization queries are described. In yet another example implementation, semantics rules are described.
Publication number US8938783(B2) Publication date 2015.01.20
Application number US200611530564 Filing date 2006.09.11
Applicant Microsoft Corporation Inventors Becker Moritz Y.;Dillaway Blair B.;Fournet Cedric;Gordon Andrew D.
Classification G06F21/00;G06F21/62;G06F9/44;G06F9/45;G06F21/30;G06F21/12 Main classification G06F21/00
Agency Attorneys Wight Steve;Yee Judy;Minhas Micky
Principal claim 1. A method comprising: determining, by one or more processors of a first computing device, whether an assertion context is safe or not safe by checking a syntax of one or more assertions of the assertion context, wherein the assertion context is safe when the syntax of each of the one or more assertions is safe and the assertion context is not safe when the syntax of at least one of the one or more assertions is not safe, wherein the syntax of the one or more assertions comprises a grammatically correct sentence comprising "principal says claim," wherein the "principal" comprises a user of the first computing device who grants or restricts access to a resource stored in memory of the first computing device or a second computing device, and wherein the "claim" comprises a first fact comprising a statement about the principal; determining, by the one or more processors, whether a syntax of an authorization query is safe or not safe, wherein the syntax of the authorization query comprises a grammatically correct logical expression comprising a second fact; at least in part in response to determining that the assertion context is safe and at least in part in response to determining that the authorization query is safe: translating, by the one or more processors, the safe assertion context and the safe authorization query into a logic language, and evaluating, by the one or more processors, the translated authorization query in conjunction with the translated assertion context to produce an authorization decision to grant or restrict access to the resource stored in the memory of the first computing device or the second computing device; and in response to determining that the assertion context is not safe or in response to determining that the authorization query is not safe, refraining from evaluating the authorization query in conjunction with the assertion context to produce an authorization decision, wherein the determining whether the assertion context is safe or not safe guarantees that the evaluating the translated authorization query in conjunction with the translated assertion context terminates in all cases.
Address Redmond WA US