Security language expressions for logic resolution

US 8,938,783 B2
Filed: 09/11/2006
Issued: 01/20/2015
Est. Priority Date: 09/11/2006
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

determining, by one or more processors of a first computing device, whether an assertion context is safe or not safe by checking a syntax of one or more assertions of the assertion context, wherein the assertion context is safe when the syntax of each of the one or more assertions is safe and the assertion context is not safe when the syntax of at least one of the one or more assertions is not safe, wherein the syntax of the one or more assertions comprises a grammatically correct sentence comprising “

principal says claim,”

wherein the “

principal”

comprises a user of the first computing device who grants or restricts access to a resource stored in memory of the first computing device or a second computing device, and wherein the “

claim”

comprises a first fact comprising a statement about the principal;

determining, by the one or more processors, whether a syntax of an authorization query is safe or not safe, wherein the syntax of the authorization query comprises a grammatically correct logical expression comprising a second fact;

at least in part in response to determining that the assertion context is safe and at least in part in response to determining that the authorization query is safe;

translating, by the one or more processors, the safe assertion context and the safe authorization query into a logic language, andevaluating, by the one or more processors, the translated authorization query in conjunction with the translated assertion context to produce an authorization decision to grant or restrict access to the resource stored in the memory of the first computing device or the second computing device; and

in response to determining that the assertion context is not safe or in response to determining that the authorization query is not safe, refraining from evaluating the authorization query in conjunction with the assertion context to produce an authorization decision,wherein the determining whether the assertion context is safe or not safe guarantees that the evaluating the translated authorization query in conjunction with the translated assertion context terminates in all cases.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security language expresses assertions and authorization queries in a manner that facilitates logic resolution. In an example implementation, assertion syntax and authorization query syntax are described. In another example implementation, checks on the safety of assertions and authorization queries are described. In yet another example implementation, semantics rules are described.

142 Citations

20 Claims

1. A method comprising:
- determining, by one or more processors of a first computing device, whether an assertion context is safe or not safe by checking a syntax of one or more assertions of the assertion context, wherein the assertion context is safe when the syntax of each of the one or more assertions is safe and the assertion context is not safe when the syntax of at least one of the one or more assertions is not safe, wherein the syntax of the one or more assertions comprises a grammatically correct sentence comprising “
  
  principal says claim,”
  
  wherein the “
  
  principal”
  
  comprises a user of the first computing device who grants or restricts access to a resource stored in memory of the first computing device or a second computing device, and wherein the “
  
  claim”
  
  comprises a first fact comprising a statement about the principal;
  
  determining, by the one or more processors, whether a syntax of an authorization query is safe or not safe, wherein the syntax of the authorization query comprises a grammatically correct logical expression comprising a second fact;
  
  at least in part in response to determining that the assertion context is safe and at least in part in response to determining that the authorization query is safe;
  
  translating, by the one or more processors, the safe assertion context and the safe authorization query into a logic language, andevaluating, by the one or more processors, the translated authorization query in conjunction with the translated assertion context to produce an authorization decision to grant or restrict access to the resource stored in the memory of the first computing device or the second computing device; and
  
  in response to determining that the assertion context is not safe or in response to determining that the authorization query is not safe, refraining from evaluating the authorization query in conjunction with the assertion context to produce an authorization decision,wherein the determining whether the assertion context is safe or not safe guarantees that the evaluating the translated authorization query in conjunction with the translated assertion context terminates in all cases.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method as recited in claim 1, wherein determining whether the assertion context is safe or not safe comprises applying an assertion-level syntactic check to each assertion of the assertion context;
    - and wherein determining whether the syntax of the authorization query is safe or not safe comprises applying a query-level syntactic check to the authorization query.
  - 3. The method as recited in claim 1, wherein determining whether the assertion context is safe or not safe comprises verifying that any initial variables of each assertion of the assertion context are safe or not safe by verifying that any initial variables are also present in a conditional fact of each respective assertion.
  - 4. The method as recited in claim 1, wherein determining whether the assertion context is safe or not safe comprises verifying that any constraint variables of each assertion of the assertion context are additionally otherwise present in each respective assertion.
  - 5. The method as recited in claim 1, wherein determining whether the assertion context is safe or not safe comprises verifying that any conditional facts of each assertion of the assertion context do not involve delegation.
  - 6. The method as recited in claim 1, wherein determining whether the syntax of the authorization query is safe or not safe comprises confirming that safety of the authorization query can be inferred by a finite number of applications of inference rules selected from a group of authorization query safety inference rules comprising:
    - a safe assertion inference rule, a safe conjunction inference rule, a safe disjunction inference rule, a safe negation inference rule, and a safe constraint inference rule.
  - 7. The method as recited in claim 1, wherein the grammatically correct sentence comprises an English-language sentence.

8. A first device comprising:
- one or more processors;
  
  assertions and authorization queries stored in memory;
  
  a safety checking module, stored in the memory and executable on the one or more processors, to (i) check that an assertion context is safe using an assertion syntactic check by checking a syntax of one or more assertions of the assertion context, wherein the syntax of the one or more assertions comprise a grammatically correct sentence comprising “
  
  principal says claim,”
  
  wherein the “
  
  principal”
  
  comprises a user of the first device who grants or restricts access to a resource of the first device or a second device, wherein the “
  
  claim”
  
  comprises a first fact comprising a statement about the principal, and wherein the assertion context is safe when the syntax of each of the one or more assertions of the assertion context is safe and not safe when the syntax of at least one of the one or more assertions of the assertion context is not safe, and (ii) check that an authorization query is safe using an authorization query syntactic check, wherein the syntax of the authorization query comprises a grammatically correct logic expression comprising a second fact; and
  
  an evaluation module, stored in the memory and executable on the one or more processors, to evaluate the authorization query against the assertion context to produce an authorization decision for granting or restricting access to the resource of the first device or the second device when the assertion context and the authorization query syntax are safe as determined by the safety checking module, wherein the evaluation module refrains from evaluating the authorization query against the assertion context responsive to determining by the safety checking module that at least one of the assertion context or the authorization query syntax is not safe.
- View Dependent Claims (9)
- - 9. The device as recited in claim 8, further comprising a language semantics module, stored in the memory and executable on the one or more processors, to implement three semantics rules comprising a conditional rule addressing assertions with conditional facts, a delegation rule addressing assertions indicating at least part of a right is being delegated;
    - and an alias rule addressing assertions indicating that one principal may act for another.

10. One or more computer-readable memory storing instructions that, when executed by a processor, enable actions for implementing a security scheme, the actions comprising:
- determining whether an assertion context of one or more assertions is safe or not safe, based at least on determining whether that all of the one or more assertions are safe;
  
  determining whether an authorization query is safe, based at least on checking a syntax of the authorization query;
  
  at least partly in response to determining that the assertion context is safe and determining that the authorization query is safe;
  
  translating the assertion context and the authorization query into a logic language, andevaluating the translated authorization query in conjunction with the translated assertion context to produce an authorization decision for access to a resource; and
  
  in response to determining that the assertion context is not safe or determining that the authorization query is not safe, refraining from evaluating the authorization query in conjunction with the assertion context to produce an authorization decision.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 11. The one or more computer-readable memory of claim 10, wherein each of the one or more assertions comprises a grammatically correct sentence of a form “
    - principal says claim,”
      
      wherein the “
      
      principal”
      
      comprises a user of a first computing device who grants or restricts access to the resource stored in a memory of the first computing device or a second computing device, and wherein the “
      
      claim”
      
      comprises a fact about the principal.
  - 12. The one or more computer-readable memory of claim 11, wherein the grammatically correct sentence comprises an English-language sentence.
  - 13. The one or more computer-readable memory of claim 10, wherein determining whether that the assertion context is safe or not safe includes applying an assertion-level syntactic check to each of the one or more assertions of the assertion context.
  - 14. The one or more computer-readable memory of claim 10, wherein determining whether the authorization query is safe includes applying a query-level syntactic check to the authorization query.
  - 15. The one or more computer-readable memory of claim 10, wherein determining whether the authorization query is safe includes recursively traversing one or more subqueries of the authorization query.
  - 16. The one or more computer-readable memory of claim 10, wherein determining whether the assertion context is safe or not safe comprises verifying whether any initial variables of each of the one or more assertions of the assertion context are safe by verifying that any initial variables are also present in a conditional fact of each respective assertion.
  - 17. The one or more computer-readable memory of claim 10, wherein determining whether the assertion context is safe or not safe comprises verifying that any constraint variables of each of the one or more assertions of the assertion context are otherwise present in each respective assertion.
  - 18. The one or more computer-readable memory of claim 10, wherein determining whether the assertion context is safe or not safe comprises verifying that any conditional facts of each of the one or more assertions of the assertion context do not involve delegation.
  - 19. The one or more computer-readable memory of claim 10, wherein the one or more assertions include at least one local assertion.
  - 20. The one or more computer-readable memory of claim 10, wherein the one or more assertions include at least one imported assertion.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Becker, Moritz Y., Dillaway, Blair B., Fournet, Cedric, Gordon, Andrew D.
Primary Examiner(s)
McNally, Michael S

Application Number

US11/530,564
Publication Number

US 20080066160A1
Time in Patent Office

3,053 Days
Field of Search

726/27, 726/28, 726/4
US Class Current

726/4
CPC Class Codes

G06F 21/12   Protecting executable software

G06F 21/30   Authentication, i.e. establ...

G06F 21/62   Protecting access to data v...

G06F 21/6218   to a system of files or obj...

G06F 8/315   Object-oriented languages

G06F 8/316   Aspect-oriented programming...

G06F 8/43   Checking; Contextual analysis

Security language expressions for logic resolution

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

142 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Security language expressions for logic resolution

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

142 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links