ACM SIGAda Ada Letters
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
Euro-Par '01 Proceedings of the 7th International Euro-Par Conference Manchester on Parallel Processing
Distributed credential chain discovery in trust management
Journal of Computer Security
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Certificate-based authorization policy in a PKI environment
ACM Transactions on Information and System Security (TISSEC)
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Using trust and risk in role-based access control policies
Proceedings of the ninth ACM symposium on Access control models and technologies
Towards Continuous Usage Control on Grid Computational Services
ICAS-ICNS '05 Proceedings of the Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services
Formal model and policy specification of usage control
ACM Transactions on Information and System Security (TISSEC)
Toward Information Sharing: Benefit And Risk Access Control (BARAC)
POLICY '06 Proceedings of the Seventh IEEE International Workshop on Policies for Distributed Systems and Networks
Enforcing Access Control Using Risk Assessment
ECUMN '07 Proceedings of the Fourth European Conference on Universal Multiservice Networks
Toward a Usage-Based Security Framework for Collaborative Computing Systems
ACM Transactions on Information and System Security (TISSEC)
Security Policy Pre-evaluation towards Risk Analysis
ISA '08 Proceedings of the 2008 International Conference on Information Security and Assurance (isa 2008)
Using Trust and Risk in Access Control for Grid Environment
SECTECH '08 Proceedings of the 2008 International Conference on Security Technology
Risk-based access control systems built on fuzzy inferences
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Extending the globus architecture with role-based trust management
EUROCAST'07 Proceedings of the 11th international conference on Computer aided systems theory
Fine grained access control with trust and reputation management for globus
OTM'07 Proceedings of the 2007 OTM confederated international conference on On the move to meaningful internet systems: CoopIS, DOA, ODBASE, GADA, and IS - Volume Part II
Risk-Based Usage Control for Service Oriented Architecture
PDP '10 Proceedings of the 2010 18th Euromicro Conference on Parallel, Distributed and Network-based Processing
On usage control for GRID systems
Future Generation Computer Systems
Risk-Aware Usage Decision Making in Highly Dynamic Systems
ICIMP '10 Proceedings of the 2010 Fifth International Conference on Internet Monitoring and Protection
Globus toolkit version 4: software for service-oriented systems
NPC'05 Proceedings of the 2005 IFIP international conference on Network and Parallel Computing
Survey: Usage control in computer security: A survey
Computer Science Review
Usage control enforcement - a survey
ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
From qualitative to quantitative enforcement of security policy
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
| Hi-index | 0.00 |
In this paper we describe our general framework for usage control (UCON) enforcement on GRID systems. It allows both GRID services level enforcement of UCON as well as fine-grained one at the level of local GRID node resources. In addition, next to the classical checks for usage control: checks of conditions, authorizations, and obligations, the framework also includes trust and risk management functionalities. Indeed, we show how trust and risk issues naturally arise when considering usage control in GRID systems and services and how our architecture is flexible enough to accommodate both notions in a pretty uniform way.