{"updated":"2025-01-21T23:29:32.836010+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00070341","sets":["581:5994:6168"]},"path":["6168"],"owner":"11","recid":"70341","title":["論理プログラミングを基礎とした認可ポリシ記述言語"],"pubdate":{"attribute_name":"公開日","attribute_value":"2010-09-15"},"_buckets":{"deposit":"87d4f2c9-bb41-4865-9737-d5befade8ddd"},"_deposit":{"id":"70341","pid":{"type":"depid","value":"70341","revision_id":0},"owners":[11],"status":"published","created_by":11},"item_title":"論理プログラミングを基礎とした認可ポリシ記述言語","author_link":["0","0"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"論理プログラミングを基礎とした認可ポリシ記述言語"},{"subitem_title":"Policy Description Language for Authorization Using Logic-based Programming","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"特集：人と組織の社会貢献を支えるコンピュータセキュリティ技術","subitem_subject_scheme":"Other"}]},"item_type_id":"2","publish_date":"2010-09-15","item_2_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"情報セキュリティ大学院大学"},{"subitem_text_value":"情報セキュリティ大学院大学"},{"subitem_text_value":"情報セキュリティ大学院大学／株式会社情報技研"},{"subitem_text_value":"情報セキュリティ大学院大学"}]},"item_2_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Institute of Information Security","subitem_text_language":"en"},{"subitem_text_value":"Institute of Information Security","subitem_text_language":"en"},{"subitem_text_value":"Institute of Information Security / Advanced Institute of Information Technology","subitem_text_language":"en"},{"subitem_text_value":"Institute of Information Security","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/70341/files/IPSJ-JNL5109019.pdf"},"date":[{"dateType":"Available","dateValue":"2012-09-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-JNL5109019.pdf","filesize":[{"value":"214.5 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"8"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"8464e3c3-f315-49ab-9b49-6aa58eaa0ab0","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2010 by the Information Processing Society of Japan"}]},"item_2_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"橋本, 正樹"},{"creatorName":"金, 美羅"},{"creatorName":"辻, 秀典"},{"creatorName":"田中, 英彦"}],"nameIdentifiers":[{}]}]},"item_2_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Masaki, Hashimoto","creatorNameLang":"en"},{"creatorName":"Mira, Kim","creatorNameLang":"en"},{"creatorName":"Hidenori, Tsuji","creatorNameLang":"en"},{"creatorName":"Hidehiko, Tanaka","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_2_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AN00116647","subitem_source_identifier_type":"NCID"}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_6501","resourcetype":"journal article"}]},"item_2_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"1882-7764","subitem_source_identifier_type":"ISSN"}]},"item_2_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"近年の情報システムでは脆弱性を完全に排除するのが難しいため，多層防御によってセキュリティ・インシデントの発生に備える必要がある．多層防御を効果的に実現するためには，細粒度の強制アクセス制御を行うための膨大なアクセス制御規則をポリシとして記述する必要があるが，既存の記述方式は可読性や保守性に問題がある．本研究では，論理プログラムとしてアクセス制御規則を記述することで，属性の継承や頻出する認可手順のサブルーチン化をサポートするポリシ記述言語を提案し，この問題を解決する．本稿では，認可判定の妥当性と表現力を評価して，本言語の有用性を実証し，期待される効果を考察する．","subitem_description_type":"Other"}]},"item_2_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Recently, with the impossibility of eradicating the vulnerabilities of information systems, we must prepare for the occurrence of the security incident by the multi-layer defense called Defense-in-Depth strategy. In the multi-layer defense, it is important to authorize accesses in fine-grained granularity to compose each layer effectively and many access control models are proposed to follow them. However, policy description languages proposed so far cannot express the models appropriately in proper granularity. In this paper, we propose a policy description language which can designate many kinds of conditions for access control like dynamic status of application process as an element of decision data, and implement it in Datalog. Using the proposed language, we compose the policy of SELinux which is a major implementation achieving the multi-layer defense, and we confirm the advantages of the proposed language by evaluating the validity and the expressiveness.","subitem_description_type":"Other"}]},"item_2_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"1691","bibliographic_titles":[{"bibliographic_title":"情報処理学会論文誌"}],"bibliographicPageStart":"1682","bibliographicIssueDates":{"bibliographicIssueDate":"2010-09-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"9","bibliographicVolumeNumber":"51"}]},"relation_version_is_last":true,"weko_creator_id":"11"},"created":"2025-01-18T23:29:35.786818+00:00","id":70341,"links":{}}