*
Corresponding author: mkucherov@sfu-kras.ru
1 Introduction
By access control we understand methods or
mechanisms that decide whether requests to access some
resource should be granted or denied. For example,
operating systems need to control which users and
applications can read, write, or delete which files;
networks need to govern which packets can pass through
a physical or logical perimeter; and managers need to
control which employees can perform which workflows
within an organization.
We take responses of an access control system to be
the values ’T, F, Both, None’, according to Belnap logic.
The meaning of these values can be described as follows:
• An atomic sentence is stated to be true only (T),
• An atomic sentence is stated to be false only (F),
• An atomic sentence is stated to be both true and false,
for instance, by different sources, or in different points
of time (Both), and
• An atomic sentence status is unknown. That is, neither
true, nor false (None).
These values and their two orderings form a
distributive, interlaced bilattice [2, 3]. Thus, bilattice
FOUR2 has many convenient properties, for example: ∧
and ∨ distribute as in propositional logic, as do ⊗ and
⊕, and all these operators are also monotone to both the
information and logic orderings.
In this paper we extend use of multivalued logics for
dealing with incomplete and inconsistent information to
SIXTEEN3 [5, 10]. The five information levels, five
logical levels and five levels of falsity in trilattice of
sixteen truth values are arranged in three meet-
distributive lattices. One of the interesting observations
involves computation of ’an access is granted ∧ an
access is not rejectable’. The conclusion is based on the
rule that a conjunction is true if and only if both
conjuncts are true. Since there is no truth value such that
both an access is granted, and an access is not rejectable
has it, the result is the empty set.
Motivation. Imagine two access control policies, each
of which reports a Boolean representing whether an
access should be permitted or not. We can form four
possible sets by collecting the statements: {grant},
conflict − {grant, deny}, {deny}, and undefined {}. For
example, the set {grant, deny} arises when one policy
permits the access and the other denies it. The empty set
Trilattice-Based Access Control Models: How to Secure Current
Computer Network Mikhail
M. KUCHEROV*, NINA A. BOGULSKAYA
Siberian Federal University, School of Space and Information Technologies, 660074 26B
Kirenskogo Krasnoyarsk, RUSSIA
Abstract: Designing security, from the hardware level, is essential to ensure the integrity of the intelligent cyber-
physical infrastructure that is the Industrial Internet of Things (IIoT). If intelligent cyber-physical infrastructure
fails to do the right things because it is insecure and vulnerable, then there will be negative social consequences
[1]. Security is, in a sense, the access control to IIoT systems, which increasingly relies on the ability to compose
different policies. Therefore, the advantage in any framework for compiling policies is that it is intuitive, formal,
expressive, application-independent, as well as expandable to create domain-specific instances. Recently, such
a scheme was proposed based on Belnap logic FOUR2 [2]. Four values of the Belnap bilattice have been
interpreted as grant, deny, conflict, or unspecified with respect to access-control policy. Belnap's four-valued
logic has found a variety of applications in various fields, such as deductive database theory, distributed logic
programming, and other areas. However, it turns out that the truth order in FOUR2 is a truth-and-falsity order
at the same time [3]. The smallest lattice, where the orders of truth and falsity are independent of each other,
which is especially important for security policy, is that of Shramko-Wansing’s SIXTEEN3. This generalization
is well-motivated and leads from the bilattice FOUR2 with an information and a truth-and-falsity ordering to
another algebraic structure, namely the trilattice SIXTEEN3 with an information ordering together with a truth
ordering and a (distinct) falsity ordering. Based on SIXTEEN3 and new Boolean predicates to control access
[4], we define an expressive access-control policy language, having composition statements based on the
statements of Schramko-Wansing’s logic. Natural orderings on politics are obtained by independent lifting the
orders of truth and falsity of trilattice, which results in a query language in which conflict freedom analysis can
be developed. The reduction of formal verification of queries to that on predicates over access requests enables
to carry out policy analysis. We evaluate our approach through examples of control access model policy.
Keywords: access control, multivalued logic, computer network
Received: April 29, 2022. Revised: May 26, 2023. Accepted: June 25, 2023. Published: August 3, 2023.
WSEAS TRANSACTIONS on COMPUTERS
DOI: 10.37394/23205.2023.22.12
M. Kucherov, Nina A. Bogulskaya
E-ISSN: 2224-2872
98
Volume 22, 2023
{} arises when the access is outside the domain of both
policies. We can order these sets in two different ways.
If we order by the degree to which the access is
permitted, we have that {grant} is greatest and {deny} is
least. We can also order by the amount of information
we have obtained. In this ordering conflict is greatest and
undefined is least. We write ≤t for the truth ordering and
≤k for the knowledge (information) ordering.
But if we give formal definitions for the partial order
relations (≤k and ≤t), we get following [3]: The definition
of ≤k is very simple: for any x, y ∈ FOUR2, x ≤k y iff x ⊆
y. With the ≤t ratio, the situation is not so trivial. If we
define for each element of FOUR2 its "truth-containing
part" and "lie-containing part": xt := {z ∈ x | z = T}; xf
:= {z ∈ x | z = F}, then we can make sure that: x ≤t y iff xt
⊆ yt and yf ⊆ xf. This suggests that truth and lies in
Belnap's logic are not completely independent concepts:
Belnap's logic suggests that the very meaning of "lie" is
not only less true than the meaning of "truth," but also
the meaning of "neither truth, not a lie ".
Next consider the issue of access control policies
containing both “permit rules” and “deny rules”. A
permit rule returns true(+), if the access is granted, and
false(+), if the access is not granted (but not obligatorily
rejectable). Deny rules work symmetrically, i.e. return
true(−), if the access is denied, and false(−), if there is no
explicit denial (but is not granted). Much recent work on
access control has considered “permit rules”. However,
the logic of generalized truth values that comes with
trilattice SIXTEEN3 and the propositional language Ltf
allows to solve using “deny rules” many problems in the
most natural way. Moreover, if the three partial
orderings ≤t, ≤f, and ≤i are used to define orderings on
valuations, different kinds of non-monotonic inference
relations can be defined in terms of minimizing or
maximizing truth, falsity, or information.
Contributions. We consider equivalence between
different presentations of multivalued data, and obtain a
parametric expression for an access policy as a
combination of “permit rules” and “deny rules”. Since
the set SIXTEEN3 is the smallest multivalued lattice
having two independent orderings: in true and in falsity,
it is necessary to consider the presentation of access
models based on the SIXTEEN3. The role of falsity order
in consequence relations important for the control of
communication was determined distinctly, which
allowed to overcome shortcomings of the use of bilattice
FOUR2.
The rest of the paper is organized as follows. Related
work and statements from many-valued logic are
discussed in Section 2 and 3, respectively. The main
results of the paper are placed in Section 3– 8. The paper
ends with discussions in Section 9.
2 Related works
Already Aristotle was aware of the problem of future
contingencies. Łukasiewicz devised a three- valued
calculus whose third value,
1
2
, can be ’intermediate’ or
’neutral’ or ’indeterminate’ [6, 7].
Another three-valued logic, known as Kleene’s logic
is developed in [8] and has three truth values, truth,
unknown and false, where unknown indicates a state of
partial vagueness. These truth values represent the states
of a world that does not change.
The semantic characterization of a four-valued logic
for expressing practical deductive processes is presented
in [9]. In most information systems the management of
databases is not considered to include neither explicit nor
hidden inconsistencies. In real life situation information
often come from different contradicting sources. Thus,
different sources can provide inconsistent data while
deductive reasoning may result in hidden inconsistencies.
The idea in Belnap’s approach is to develop a logic that is
not dependable on inconsistencies.
Sixteen generalized truth values obtained as a power
set of the initial truth values of Belnap’s logic are
arranged in a trilattice [10].
Fuzzy logic is a form of multi-valued logic originally
studied by Łukasiewicz and Tarski [12] and later
popularized as logic of vagueness by Zadeh [13]. It is
based on replacing the standard set of Boolean truth
values with a different lattice, most often, like in the
present paper, the unit interval. Saying that a formula ϕ
has truth value r ∈ [0,1] then means that ϕ holds with
degree r, which would apply to typical vague
qualifications such as a given person being tall (in
contrast to assigning a probability p ∈ [0,1] to ϕ, which
would be read as saying that ϕ is either completely true
with probability p or completely false with probability 1
− p, as in ‘the die under the cup shows a 3 with
probability p’).
3 Meet-distributive lattices
Let P be a non-empty ordered set. If sup {x, y} and inf
{x, y} exist for all x, y ∈ P, then P is called a lattice [11].
A complete lattice is a partially ordered set in which all
subsets have both a supremum (join) and an infimum
(meet). A lattice L is meet-distributive if every coatomic
interval is Boolean. A billatice is a set equipped with two
partial orderings ≤t and ≤k.
The four truth values are arranged in a logical lattice
[2] on Figure 1. A logical conjunction and logical
disjunction are related to the meet operation and to the
join operation respectively.
Fig. 1. The Belnap bilattice: with synonyms for access
control decisions in parentheses.
WSEAS TRANSACTIONS on COMPUTERS
DOI: 10.37394/23205.2023.22.12
M. Kucherov, Nina A. Bogulskaya
E-ISSN: 2224-2872
99
Volume 22, 2023
Let us, for example, consider the following bounded
lattices: fuzzy data [14, 15, 16]: then C [0, 1] is the
infinite set of real numbers from 0 to 1. For any ground
atom r (d) ∈ H the p = I(r (d)) represents its plausibility.
The quantity p is determined as a closed subinterval
[17, 18, 19]: W = C [0, 1] is the set of all closed
subintervals. For any ground atom r (d) ∈ H the (L, U) =
Imv(r (d)) represents the lower and upper bounds for an
expert’s evaluation of r (d). The generalized truth-value
space has as a base a set I = (T, F, t, f) containing the
initial truth values: T − an access is granted,
( )
1,1 , 0,1
;
F − an access is denied,
( )
0,0 , 0,1
; t − an access is not
rejectable,
( )
0,1 , 0,0
, and f − an access is rejectable,
( )
0,1 , 1,1
. The power set P(I) gives sixteen values with
the presentation as closed subintervals in Table 1:
Table 1. Levels of trilattice SIXTEEN3.
Information
1
( )
0,1 , 0,1
2
( )
1,1 , 0,1
( )
0,0 , 0,1
( )
0,1 , 0,0
( )
0,1 , 1,1
3
( )
1,0 , 0,1
( )
1,1 , 0,0
( )
1,1 , 1,1
( )
0,0 , 0,0
( )
0,0 , 1,1
( )
0,1 , 1,0
4
( )
1,0 , 0,0
( )
1,0 , 1,1
( )
1,1 , 1,0
( )
0,0 , 1,0
5
( )
1,0 , 1,0
For example, {T, t} =
( )
1,1 , 0,1
i
( )
0,1 , 0,0
=
( )
1,1 , 0,0
.
The three partial orderings ≤i, ≤t, ≤f arrange elements
according to the possessed degree of information, truth
and falsity respectively. The ≤f is the falsity order:
‘falsity’ decreases if the access is granted. The sixteen
truth values are arranged in the falsity meet-distributive
lattice on Figure 2. The details relative to the three
partial orderings are shown in Appendix (Table 4).
Table 2. Policy language: the rp are access predicates,
and b {F, T}.
p::=([x,y],[z,v])
Policy
b if rp
Basic policy [2]
([1-y,1-x], [1-v,1-z])
Logical negation
([min {x, x1}, min {y, y1}],
[max {z, z1}, max {v, v1}])
Logical meet
([1-x,1-y], [1-z,1-v])
Falsity negation
([max {x, x1}, max {y, y1}],
[max {z, z1}, max {v, v1}])
Disjunction; p q
Fig. 2. Falsity meet-distributive lattice.
4 Policies
We take responses of an access control system to be the
values ([x,y],[z,v]) of the sixteen generalized truth values
space, which we write as SIXTEEN3. These values and
their three orderings form a distributive, interlaced
bilattice.
Consequence relations |=t and |=f are extensions of
implication to SIXTEEN3. For each logical order a
separate entailment relation between any sentences A, B
Ltf was defined in [20]:
A|=t B iff
( ) ( )
( )
16 16 16
t
v v A v B
, and
A|=f B iff
( ) ( )
( )
16 16 16
f
v v B v A
.
There it was proved that both of these restrictions
coincide in fact with Belnap’s four-valued logic.
Expression a b with a, b ∈ SIXTEEN3 yields b if a
is less or equal to T in the falsity ordering and yields T
otherwise. Table 2 gives the syntax of access control
policy language. Informally, an expression for every
access a:: = {(r(d), I(r(d))) | r(d) A, where A H} is
interpreted as a mapping from accesses to elements of
Ltf. If policy p produces result
on access a and policy q
produces result on a, then p ∧ q produces result ∧
on a. The other Belnap operators are similarly
interpreted on policies. The intuition behind these policy
operators is that:
• p denies an access iff p grants it (and vice versa)
• p ∧ q grants an access iff both p and q grant it, and
denies an access iff at least one of p and q denies it
• p ⊃ q grants an access iff p does not grant it or q does
grant it, and p ⊃ q denies an access if p grants it and q
denies it
• p ⊕ q grants (resp. denies) an access iff p or q grants
(resp. denies) it.
The only operator in the policy language not derived
from Belnap logic is the basic expression b if rp, where b
ranges over {F, T}, and rp is an access predicate.
Informally, the b if rp “rule” gives result b for an access
WSEAS TRANSACTIONS on COMPUTERS
DOI: 10.37394/23205.2023.22.12
M. Kucherov, Nina A. Bogulskaya
E-ISSN: 2224-2872
100
Volume 22, 2023
satisfying rp and gives result ⊥ otherwise. The idea is
that rp defines the domain of accesses covered by the
rule, so that ⊥ is produced on accesses outside of the
rule’s domain.
5 Queries
Properties about policies and their relationships can be
expressed as queries, propositional formulas in which
the atomic propositions concern the truth or falsity
ordering among policies. Table 3 gives the syntax for
queries.
Table 3. Query language: p and q range over policy
expressions.
,
::=
Query
p t q
Truth ordering
p f q
Falsity ordering
rpc (a,b) = ( a b)
Confidentiality
request
rpi (a,b) = (a b)
Integrity request
In [4], we defined expressions for basic policies in a
natural way, based on material implication, as a rigorous
expression of the information flow operator [21], as
logical formulas for some predicate query symbols:
− confidentiality request (Bell–LaPadula),
− integrity request (Biba),
where a − the class of confidentiality /integrity of
subject, and b – of object (a, b {0,1}).
6 Example for analysis
Access control refers to mechanism by which the access
of principals to resources is regulated, as can be seen in
the following example of the access referring to the
transport resources.
Generally, access control is implemented by an
authorization service, which includes an authorization
decision function (ADF) for deciding whether a user
request to access a resource should be permitted or not.
The output of ADF is usually determined by evaluating
the request with respect to authorization state (AS). The
authorization policy (AP), which is implemented by the
ADF, is to authorize a request if it is listed in the
authorization state [22].
A group of students of Institute of Space and
Information Technology in Krasnoyarsk is planning a
trip to see the Pillars Nature Sanctuary (Stolby).
Normally, it takes about one hour to get to the Right
Bank across the Yenisei River by car, but the students
know that no-one of locals needs to be told that
Kopylovski Bridge Expressway (KBE) is “the longest
parking lot”.
The students consult a traffic service, which
integrates information from several independent
information sources to provide traffic advisory along
various travel routes. They have a combination of
several sources. Let us assume that these sources are:
• weather forecast (rain, snow, fog);
• social activity;
• police activity;
• road reparation.
The service uses the following rules to generate
advisories:
If the weather is bad, and there is road reparation
along the route, the probability of a delay is 0.9.
If there is road reparation, and social activities along
the route, the likelihood of a delay is 0.8.
If there is road reparation, and police activities along
the route, the likelihood of a delay is 0.99.
These rules are expressed as levels of evaluation, as
[0.9, 1], [0.8, 1] and [0.99, 1]. The service generates
advisories expressed as the likelihood of delays along the
routes of interest (AS). Students do not want to miss the
excursion due to traffic, but they also have conference
deadlines and so do not want to leave too early.
They decide that if the advisory says that the
likelihood of delays is between 0.2 and 0.4, then they
add one extra hour to the trip time. If the likelihood is
between 0.4 and 0.6, then they add two hours, and if the
likelihood is over 0.6 then they take a river-train (AP). In
Section 8, we will return to this example and show that
our approach improves the quality of the advisory and
could have helped the students avoid unnecessary
trouble.
7 Combining answers
We can learn levels for compound events, which include
basic objects, having the values for basic objects [5].
7.1 Case 1: Independence
Since in the model an event can be true, false, or
unknown, (i.e., we are modeling knowledge and
competency independently) we have:
Cl1 (A t B) = ([xx1, yy1], [1− (1− z)(1− z1), 1−
(1−v)(1−v1)]).
Cl1 (A t B) = ([1−(1− x)(1− x1), 1− (1−y)(1−y1)], [zz1,
vv1]). (3)
7.2 Case 2: Positive correlation
Two events A and B are positively correlated if they
overlap as much as possible. One can obtain that the
solution can be shown to be
Cl2 (AtB)=([min{x,x1}, min{y, y1}], [max{z,z1},
max{v,v1}]).
Cl2 (AtB) =([max{ x,x1}, max{ y, y1}], [min{ z,z1},
min{ v,v1}]) (4)
WSEAS TRANSACTIONS on COMPUTERS
DOI: 10.37394/23205.2023.22.12
M. Kucherov, Nina A. Bogulskaya
E-ISSN: 2224-2872
101
Volume 22, 2023
8 Example for analysis (continued)
Returning to the example in Section 7, suppose that our
information sources predict 50% chance of bad weather,
parades with 50% certainty, roadwork along the
Kopylovski Bridge with certainty 80%, and police
activity with the probability of 40%. This information is
expressed in this way:
− roadwork (RW): ([0.8, 0.8], [0.2, 0.2]);
− social_act (SA): ([0.5, 0.5], [0.5, 0.5]);
− bad_weather (BW): ([0.5, 0.5], [0.5, 0.5]);
− police_act (PA): ([0.4, 0.4], [0.6, 0.6]).
The traffic service fetches the above information
from four different information sources and integrates
them independently using these rules as in Eq. (3):
− delay, if there are roadworks and bad weather, for
example:
Cl1 (RW t BW) =([0.90.80.5,0.80.5], [0.6,0.64]).
Eventually, one can obtain
Cl1 (RW t BW) = ([0.36, 0.4], [0.6,0.64]) (5)
− delay, if there are roadworks and the marathon:
Cl1 (RW t SA) = ([0.32, 0.4], [0.6,0.68]) (6)
If there are road works and traffic accident:
Cl1 (RW t PA) = ([0.32,0.32], [0.68,0.68]) (7)
Using the second rule of Eq. (3) one can obtain from
Eqs. (5) and (6):
Cltot [(RW t BW) t (RW t SA)] = ([0.56,0.64],
[0.36, 0.44]). (8)
Adding Eq. (7) one has finally:
([0.7, 0.76], [0.24, 0.3]) (9)
When correlation is not considered, the evaluation of
delay (KBE) is [0.36, 1], which means that the available
information predicts traffic delay with certainty 0.36 and
smooth traffic with certainty [0, 0.64]. Considering the
possibilities of parades and accidents, it is reasonable to
up the expectation of delays.
In contrast, our method computes the confidence
level for traffic delays to be [0.7,0.76], which is
narrower then the certainty factor according Belief Logic
Programming theory [0.63,1] [23]. Thus, we see that the
theory can predict better expert’s evaluation of the
combined information.
9 Discussions
In fact, Belnap’s interpretation suits perfectly well when
applied to a single computer. In addition, it presupposes
that this computer receives information from classical
sources, i.e., from sources which can operate exclusively
with classical truth values (T, F). And it appears that
Belnap’s interpretation cannot adequately be applied
when we deal not just with one computer but with
several interconnected computers, i.e., a computer
network. Indeed, consider four Belnap computers (C1,
C2, C3, C4) connected to some central computer (С’1), a
server, to which they are supposed to supply information
(Figure 3). Incidentally, it is interesting to observe that if
we wish to extend our network and connect our server to
some “higher” computer (С’’1), then generalized truth
values of the third order (the set P (SIXTEEN3) comes
into question (and so on).
Fig. 3. Computer network.
Apparently, we should stop at the 16-digit logic, for
example, such as SIXTEEN3. If we look at the set
SIXTEEN3 and consider its algebraic structure, it turns
out that within the framework of this set it is possible to
make an effective distinction between the increase in the
truth of the facts and the decrease of their falsity, and
therefore one can determine the order in truth and the
falsity order as two different and mutually independent
orders [3]. Since the set SIXTEEN3 is the smallest
multivalued lattice having this property, it is necessary to
refer to the presentation of access models based on the
SIXTEEN3.
In conclusion, we extend a formal framework for
authorization policies based on trilattice SIXTEEN3; all
possible complex patterns for base policies are supported
in the presence of conflict or lack of information; and
authorization state and policy specifications are cleanly
separated. Policy composition is achieved through
combination modes (independence, positive correlation,
etc.), that is familiar in the theory of deductive databases.
They are formally analyzable and functionally complete
for policy coordination. The parameterized method not
only helps on analysis of policies, but these types and
their analysis can also certify in the future investigations
important run-time behavior of policy evaluation.
Appendix
A.1 The algebra of confidence levels
We shall establish the structure and properties of
trilattices here, which is used in previous sections.
Definition 1. Denote by C [0,1] the set of all closed
subintervals over [0,1]. Consider the set Cc =def C [0,1]
WSEAS TRANSACTIONS on COMPUTERS
DOI: 10.37394/23205.2023.22.12
M. Kucherov, Nina A. Bogulskaya
E-ISSN: 2224-2872
102
Volume 22, 2023
C [0,1]. We denote the elements of Cc as ([x, y][z, v]).
Define the following orders on this set. Let ([x, y][z, v]),
([x1, y1][z1, v1]) be any two elements of Cc.
([x, y][z, v]) t ([x1, y1][z1, v1]) iff x x1, y y1 and z1 z, v1 v
([x, y][z, v]) f ([x1, y1][z1, v1]) iff x x1, y y1 and z z1, v v1
([x, y][z, v]) i ([x1, y1][z1, v1]) iff x x1, y1 y and z z1, v1 v
Definition 2. Let Cc, t, f, i be as defined in Definition
1. Then the meet and join corresponding to the truth,
falsity and knowledge (information) orders are defined
as follows. The symbols and denote meet and join,
and the subscripts t, f, and i represent truth, falsity, and
information (knowledge), respectively.
1. ([x, y][z, v]) t ([x1, y1][z1, v1]) =
([min{x, x1}, min{y, y1}], [max{z, z1}, max{v, v1}])
2. ([x, y][z, v]) t ([x1, y1][z1, v1]) =
([max{x, x1}, max{y, y1}], [min{z, z1}, min{v, v1}])
3. ([x, y][z, v]) f ([x1, y1][z1, v1]) =
([min{x, x1}, min{y, y1}], [min{z, z1}, min{v, v1}])
4. ([x, y][z, v]) f ([x1, y1][z1, v1]) =
([max{x, x1}, max{y, y1}], [max{z, z1}, max{v, v1}])
5. ([x, y][z, v]) i ([x1, y1][z1, v1]) =
([min{x, x1}, max{y, y1}], [min{z, z1}, max{v, v1}])
6. ([x, y][z, v]) i ([x1, y1][z1, v1]) =
([max{x, x1}, min{y, y1}], [max{z, z1}, min{v, v1}])
The top and bottom elements with respect to the various orders
are as follows.
Table 4. Bounds relative to the three partial orderings.
Top value
Bottom value
Тt =
( )
1,1 , 0,0
⊥t =
( )
0,0 , 1,1
Тf =
( )
0,0 , 0,0
⊥f =
( )
1,1 , 1,1
Тi =
( )
1,0 , 1,0
⊥i =
( )
0,1 , 0,1
Тt corresponds to {T, t}, ⊥t corresponds to {F, f}.
Тf corresponds to {F, t}, ⊥f corresponds to {T, f}.
Тi corresponds to {TF, tf}, ⊥i corresponds to { }.
References
[1]. S. Older, Shiu-Kai Chin, IEEE Security & Privacy, 10(6),
74 (2012)
[2]. G. Bruns, M. Huth, 2008 21st IEEE Computer Security
Foundations Symposium(CSF), 163 (2008)
[3]. Y. Shramko, H. Wansing, JPL, 34, 121 (2005)
[4]. M.M. Kucherov, N.A. Bogulskaya, ACM International
Conference on Cryptography, Security and Privacy
(ICCSP ’17), 131 (2017)
[5]. L. V. S. Lakshmanan, N. Shiri, IEEE Trans. on
Knowledge and Data Engineering, 13(4), 554 (2001)
[6]. J. Łukasiewicz, On Three-Valued Logic. Ruch
Filozoficzny, 5, 170 (1920), English translation in
Borkowski, L. (ed.) 1970. Jan Łukasiewicz, Selected
Works (Amsterdam: North Holland,1920)
[7]. K.M. Sim, Artificial Intelligence Review, 15(3), 219
(2001)
[8]. S. Kleene, Introduction to Metamathematics (D. Van
Nostrand Co., Inc., New York, N. Y. 1952)
[9]. N.J. Belnap, In Contemporary Aspects of Philosophy
(Proceedings of the Oxford International Symposia,
Oxford, GB, 30, 1975)
[10]. Y. Shramko, J. M. Dunn and T. Takenaka, JLC, 11(6),
761 (2001)
[11]. G.Grätzer, Lattice Theory: Foundation (Springer Science
& Business Media, Berlin/Heidelberg, Germany, 1998)
[12]. J. Łukasiewicz and A. Tarski, Comptes rendus des séances
de la Société des Sciences et des Lettres de Varsovie,
Classe III, 23, 1 (1930)
[13]. L. Zadeh, Inf. Control, 8, 338 (1965)
[14]. P.Hájek, Metamathematics of fuzzy logic (Trends in
Logic, 4, Kluwer Academic Publishers, Dodrecht, 1998)
[15]. M.Zemankova and A.Kandel, Information Sciences, 37,
107 (1985)
[16]. D.Dubois and H.Prade, In Possibility Theory: An
Approach to Computerized Processing of Uncertainty
(New York and London: Plenum Press, 6, 217, 1989)
[17]. M.Kifer and A.Li, 2nd Intl. Conference on Database
Theory, Bruges, Belgium: Spinger Verlag, LNCS 326,
102 (1988)
[18]. R.T.Ng and V.S.Subrahmanian, Information and
Computation, 101(2), 150 (1992)
[19]. V.S.Lakshmanan, N.Leone, R.Ross, and V.S. Subrahman-
ian, ACM Trans. Database Systems, 419 (1997)
[20]. S.P. Odintsov, H.Wansing, Stud Logica, 103, 91 (2015)
[21]. D. E. Denning, CACM, 19(5), 236 (1976)
[22]. J. Crampton, M. Huth, NordSec'10 Proceedings of the
15th Nordic conference on Information Security
Technology for Applications, 155 (2010)
[23]. H. Wan, M. Kifer, LPNMR 2009, 316 (2010)
WSEAS TRANSACTIONS on COMPUTERS
DOI: 10.37394/23205.2023.22.12
M. Kucherov, Nina A. Bogulskaya
E-ISSN: 2224-2872
103
Volume 22, 2023
Contribution of Individual Authors to the
Creation of a Scientific Article (Ghostwriting
Policy)
The authors equally contributed in the present
research, at all stages from the formulation of the
problem to the final findings and solution.
Sources of Funding for Research Presented in a
Scientific Article or Scientific Article Itself
No funding was received for conducting this study.
Conflict of Interest
The authors have no conflicts of interest to declare
that are relevant to the content of this article.
Creative Commons Attribution License 4.0
(Attribution 4.0 International, CC BY 4.0)
This article is published under the terms of the
Creative Commons Attribution License 4.0
https://creativecommons.org/licenses/by/4.0/deed.en
_US
