A temporal authorization model
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
Maintaining knowledge about temporal intervals
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Protecting web servers from distributed denial of service attacks
Proceedings of the 10th international conference on World Wide Web
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
An authorization model for temporal and derived data: securing information portals
ACM Transactions on Information and System Security (TISSEC)
A Temporal Access Control Mechanism for Database Systems
IEEE Transactions on Knowledge and Data Engineering
Role Hierarchies and Constraints for Lattice-Based Access Controls
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Access Control: The Neglected Frontier
ACISP '96 Proceedings of the First Australasian Conference on Information Security and Privacy
ACM SIGOPS Operating Systems Review
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
A logical specification for usage control
Proceedings of the ninth ACM symposium on Access control models and technologies
A compositional framework for access control policies enforcement
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
A Generalized Temporal Role-Based Access Control Model
IEEE Transactions on Knowledge and Data Engineering
Formal model and policy specification of usage control
ACM Transactions on Information and System Security (TISSEC)
Protection: principles and practice
AFIPS '72 (Spring) Proceedings of the May 16-18, 1972, spring joint computer conference
Survey: Usage control in computer security: A survey
Computer Science Review
Implementing erasure policies using taint analysis
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Hi-index | 0.00 |
Modern information systems require temporal and privilege-consuming usage of digital objects. To meet these requirements, we present a new access control model-Times-based Usage Control (TUCON). TUCON extends traditional and temporal access control models with times-based usage control by defining the maximum times that a privilege can be exercised. When the usage times of a privilege is consumed to zero or the time interval of the usage is expired, the privilege exercised on the object is automatically revoked by the system. Formal definitions of TUCON actions and rules are presented in this paper, and the implementation of TUCON is discussed.