is responsible for a conflict, then it is not the case that
all its instances are also responsible for the conflict.
We distinguish two ways in which a formula can be
attacked:
• Weakly attacked: if only some instances of this for-
mula are attacked.
• Strongly attacked: if all instances are attacked.
We propose to redefine the safely supported relation
for first-order knowledge bases. The idea is that
a conclusion can be inferred from an inconsistent
knowledge base if the latter contains an argument that
supports this conclusion such that there is no strongly
attacked formula in this argument.
The counterpart of the safely supported inference is
as follows:
Definition 5 A formula (φ(x),i) is weakly attacked
if, there exists an instance x
k
such that, there exists
an argument of rank j for ¬φ(x
k
) such that j<i.
A formula (φ(x),i) is strongly attacked if, ∀x, there
exists an argument of rank j for ¬φ(x) such that j<
i.
Definition 6 A formula ψ is said to be a strongly con-
sequence of Σ, denoted by Σ
S
ψ, iff there exists an
argument A for ψ such that φ ∈ A, φ is weakly at-
tacked.
A formula ψ is said to be a weakly consequence of Σ,
denoted by Σ
W
ψ, iff there exists an argument A
for ψ such that φ ∈ A, φ is strongly attacked.
Example 3 Let us consider example 2. The subbase
B is the only argument for Is-permitted(Mary, read,
rec-JO) of rank 4. However, B contains the formula
R
16
which is weakly attacked by the argument C of
rank 3, for instance (s = Bob, α = read and,
o = rec
−
JO). Hence, Is-permitted(Mary, read, rec-
JO) is not a strongly consequence of Σ, i.e.
Σ
S
Is
−
permitted(Mary, read, rec
−
JO).
B does not contain any strongly attacked formula,
thus Is-permitted(Mary, read, rec-JO) is a weakly
consequence of Σ, i.e.
Σ
W
Is
−
permitted(Mary, read, rec
−
JO).
5 CONCLUSION
This paper proposed to equip the flexible access con-
trol system OrBAC with a conflict resolution module.
Two approaches, based on the argumentation reason-
ing, have been proposed. The argued consequence is
very intuitive. Indeed, it retains all available informa-
tion and suggests to select one or several arguments
which support or reject a permission or a prohibition
of access. However, this method is not entirely sat-
isfactory. Indeed, it can lead to undesirable conclu-
sions. This limitation is explained by the fact that one
argument may for instance contain pieces of informa-
tion which are directly involved in the inconsistency
of the knowledge base. The safely supported conse-
quence only delivers safe conclusions. However, this
method is not appropriate when dealing with incon-
sistent first-order knowledge bases. We showed how
to rephrase the safely supported relation in the frame-
work of first-order logic.
ACKNOWLEDGMENTS
This work is supported by the national ACI project
DESIRS.
REFERENCES
Abou El Kalam, A., El Baida, R., Balbiani, P., Benfer-
hat, S., Cuppens, F., Deswarte, Y., Mi`ege, A., Saurel,
C., and Trouessin, G. (2003). Organization based ac-
cess control. In 4th IEEE International Workshop on
Policies for Distributed Systems and Networks (Pol-
icy’03), pages 120–131. IEEE Computer.
Benferhat, S., Dubois, D., and Prade, H. (1995). How to
infer from inconsistent beliefs without revising? In
IJCAI’95, pages 1449–1455, Montr´eal, Canada. Mor-
gan Kaufmann.
Benferhat, S., Dubois, D., and Prade, H. (1997). Non-
monotonic reasoning, conditional objects and possi-
bility theory. Artificial Intelligence Journal, 92:259–
276.
Besnard, P. and Hunter, A. (2001). A logic-based theory of
deductive arguments. Artificial Intelligence, 128:203–
235.
Brewka, G. (1989). Preferred Subtheories: an extended log-
ical framework for default reasoning. In International
Joint Conference on Artificial Intelligence (IJCAI’89),
pages 1043–1048. Morgan Kaufmann Publishers.
Dung, P. M. (1993). On the acceptability of arguments and
its fundamental role in non-monotonic reasoning and
logic programming. In 13th International Joint Con-
ference on Artificial Intelligence (IJCAI’93), pages
852–857. Morgan Kaufmann Publishers.
Georgiadis, C., Mavridis, I., Pangalos, G., and Thomas, R.
(2001). Flexible Team-Based Access Control Using
Contexts. In 6th ACM Symposium on Access Control
Models and Technologies (SACMAT’01), pages 21–
27. ACM Press.
Sandhu, R., Coyne, E., Feinstein, H., and Youman, C.
(1996). Role-Based Access Control Models. IEEE
Computer, 29(2):38–47.
Wilikens, W., Feriti, S., and Masera, M. (2002). A context-
related authorization access control method based on
RBAC : a case study from the healthcare domain. In
7th ACM Symposium on Access Control Models and
Technologies (SACMAT’02). ACM Press.
ICEIS 2006 - INFORMATION SYSTEMS ANALYSIS AND SPECIFICATION
354