Towards usage control models: beyond traditional access control
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
A logical specification for usage control
Proceedings of the ninth ACM symposium on Access control models and technologies
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
| Hi-index | 0.00 |
In current trusted network connection (TNC) model, access decisions are generally made at the time of request but typically do not recognize ongoing controls for relative continuous access or for immediate revocation. We propose a new model named trusted network connection based on usage control (U-TNC), which combine TNC solutions with usage control (UCON) to achieve pre-authorization and ongoing-authorization network access control. Moreover, attribute mutability that deal with updates on related endpoint or resource/network attributes as a consequence of access have been presented. This property enable the system disconnect the endpoint whose attributes disagree with security policies in time, and is very important to invoke ongoing authorization. At the end, the paper shows how to use the model in E-commerce and gives a logic specification of the example.