DKAL 2 – A Simplified and Improved Authorization Language

  • Yuri Gurevich
  • Itay Neeman

MSR-TR-2009-11 |

Knowledge and information are central notions in DKAL, a logic based authorization language for decentralized systems, the most expressive among such languages in the literature. Pieces of information are called infons. Here we present DKAL 2, a surprisingly simpler version of the language that expresses new important scenarios (in addition to the old ones) and that is built around a natural logic of infons. Trust became definable and its properties, postulated earlier as DKAL house rules, are now proved. In fact, none of the house rules postulated earlier is now needed. We identify also a most practical fragment of DKAL where the query derivation problem is solved in linear time.