A temporal authorization model
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Logic-Based Reasoning on Delegatable Authorizations
ISMIS '02 Proceedings of the 13th International Symposium on Foundations of Intelligent Systems
A Policy Language for a Pervasive Computing Environment
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Originator Control in Usage Control
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Provisions and Obligations in Policy Rule Management
Journal of Network and Systems Management
Delegation in Distributed Systems: Challenges and Open Issues
DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Communications of the ACM - Privacy and security in highly dynamic systems
Audit-based compliance control
International Journal of Information Security
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
A policy language for distributed usage control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Context-aware privacy design pattern selection
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
Deriving implementation-level policies for usage control enforcement
Proceedings of the second ACM conference on Data and Application Security and Privacy
A distributed authorization system with mobile usage control policies
EUROCAST'11 Proceedings of the 13th international conference on Computer Aided Systems Theory - Volume Part I
Survey: Usage control in computer security: A survey
Computer Science Review
Data usage control enforcement in distributed systems
Proceedings of the third ACM conference on Data and application security and privacy
Model-Based usage control policy derivation
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Hi-index | 0.00 |
Usage control is a generalization of access control that also addresses how data is handled after it is released. Controlling the future usage of data includes controlling the future distribution of data. The evolution of policies upon re-distribution must hence be defined. Intuitively, clients should only strengthen policies associated with a data item when they re-distribute it. We provide a role-based re-distribution model for usage control that encompasses strengthening both rights and duties. By introducing orderings for events and parameter values we show how both rights and duties can be strengthened with the traditional abstraction of trace inclusion.