Argumentation for access control

In this paper we are interested in argument based reasoning for access control, for example in the context of agents negotiating access to resources or web services in virtual organizations. We use a logical framework which contains agents with objectives concerning access to a resource or provision of a service, including security objectives. The access control mechanism is described by a set of policy rules, that specify that access to a resource or service requires a specific set of credentials. Our contribution is a formalization of the reasoning about access control using a planning theory formalized in Dung's abstract argumentation framework. We build on Amgoud's argumentation framework for plan arguments, which is based on an adaptation of Dung's notion of defence. Our formal argumentation framework allows arguments about the backward derivation of plans from objectives and policy rules (abduction), as well as arguments about the forward derivation of goals from general objectives. We show that reasoning about the feasibility of goals requires mixed goal-plan arguments, and we show how to formalize the plan arguments in Dung's framework without adapting the notion of defence.