Piero A. Bonatti, Daniel Olmedilla, Joachim Peer:
Piero A. Bonatti (editor):
Advanced Policy Queries.

Complete Text [
.pdf, 292KB]
In: (I2-D4)

We argue that policy-aware systems can be ective only if: (i) common users|with no training in computer science or logic|become aware of the policy applied by their system; (ii) common users can personalize those policies; (iii) secure systems guide the user in getting the required permissions (cooperative enforcement). Towards this end, we introduce a mechanism for answering why, why-not, how-to, and what-if queries. Our framework is lightweight and scalable because it does not require any major ert when the general framework is instantiated in a specific application domain, and most of the computational ert can be delegated to the clients. Some novel aspects in our approach: First, we adopt a tabled explanation structure, that simultaneously shows local and global (intra-proof and inter-proof) information, thereby facilitating navigation. Second, we introduce generic heuristics for removing irrelevant parts of the derivations. Third, our heuristics do not require the complex machinery needed by second-generation explanation systems, but have a comparable quality.



	url = {}