Expressiveness of a Provenance-Enabled Authorization Logic Jinwei Hu, Huazhong University of Science and Technology, China

In distributed environments, access control decisions depend on statements of multiple agents rather thanonly one central trusted party. However, existing policy languages put few emphasis on authorizationprovenances. The capability of managing these provenances is important and useful in various securityareas such as computer auditing and authorization recycling. Based on our previously proposed logic, wepresent several case studies of this logic. By doing this, we show its expressiveness and usefulness insecurity arena.