The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Formal model and policy specification of usage control
ACM Transactions on Information and System Security (TISSEC)
A note on the formalisation of UCON
Proceedings of the 12th ACM symposium on Access control models and technologies
A general obligation model and continuity: enhanced policy enforcement engine for usage control
Proceedings of the 13th ACM symposium on Access control models and technologies
Usage Control Enforcement: Present and Future
IEEE Security and Privacy
Concurrent Enforcement of Usage Control Policies
POLICY '08 Proceedings of the 2008 IEEE Workshop on Policies for Distributed Systems and Networks
A policy language for distributed usage control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Modeling TCG-Based secure systems with colored petri nets
INTRUST'10 Proceedings of the Second international conference on Trusted Systems
Automatic information flow analysis of business process models
BPM'12 Proceedings of the 10th international conference on Business Process Management
Hi-index | 0.01 |
Access control aims at restricting access to resources instantly. However, in collaborative computing environments with shared resources and distributed right management systems more advanced controlling mechanisms are required. For example, the control of the usage of a resource may need to be continuous, obligations is required, and concurrency is an important aspect when different users use a shared resource. To overcome these shortcomings of traditional access control, usage control has been proposed and investigated recently. In this paper we introduce a new usage control policy specification. Beyond existing approaches, the novelty of our policy is threefold: first, the ability to integrate the functional and security aspects of the system, thus lending support to control system behavior continuously. Second, post obligation is supported in a way that a violation of any rule during the current usage session, or after it ends, can affect the decisions of future usages. Finally, concurrency rules are embodied in the policy model, thus concurrent usages by different users to shared resources are controlled.