Logics for authorizations and security

Today's computer systems and applications are based on a globally internet worked infrastructure, connecting remote parties through large-scale networks such as the World Wide Web. The network-based nature of applications improves information availability, but at the same time, it increases system vulnerability; calling for powerful and reliable tools for specifying and enforcing security properties. The expressive power and the formal foundations of logical formalisms are appealing in this context. Logics of various kinds have already been investigated and are being proposed as suitable means for tackling many facets of security. In this chapter, we survey some of the major applications of logics to the specification, verification, and enforcement of security policies, with special attention to the security issues that arise in open and distributed systems. We shall point out some practical aspects that may increase the usability of logic-based techniques and some possible directions for further research.