Enforcing DRM policies across applications
Proceedings of the 8th ACM workshop on Digital rights management
Applying a usage control model in an operating system kernel
Journal of Network and Computer Applications
Usage control enforcement - a survey
ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
Survey: Usage control in computer security: A survey
Computer Science Review
FAST'11 Proceedings of the 8th international conference on Formal Aspects of Security and Trust
Dynamic anomaly detection for more trustworthy outsourced computation
ISC'12 Proceedings of the 15th international conference on Information Security
Data usage control enforcement in distributed systems
Proceedings of the third ACM conference on Data and application security and privacy
Verification and enforcement of access control policies
Formal Methods in System Design
Hi-index | 0.00 |
Recently proposed usage control concept and models extend traditional access control models with features for contemporary distributed computing systems, including continuous access control in dynamic computing environments where subject attributes and system states can be changed. Particularly, this is very useful in specifying security requirements to control the usage of an object after it is released into a distributed environment, which is regarded as one of the fundamental security issues in many distributed systems. However, the enabling technology for usage control is a challenging problem and the space has not been fully explored yet. In this paper we identify the general requirements of a trusted usage control enforcement in heterogeneous computing environments, and then propose a general platform architecture and enforcement mechanism by following these requirements. According to our usage control requirements, we augment the traditional SELinux MAC enforcement mechanism by considering subject/object integrity and environmental information. The result shows that our framework is effective in practice and can be seen as a general solution for usage control in distributed and pervasive computing environments with widely deployed trusted computing technologies on various computing devices.