Communicating sequential processes
Communications of the ACM
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Towards Continuous Usage Control on Grid Computational Services
ICAS-ICNS '05 Proceedings of the Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services
Uniform Application-level Access Control Enforcement of Organizationwide Policies
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Formal model and policy specification of usage control
ACM Transactions on Information and System Security (TISSEC)
Extendable and Adaptive Message-Level Security Enforcement Framework
ICNS '06 Proceedings of the International conference on Networking and Services
Proceedings of the 2008 ACM symposium on Information, computer and communications security
A general obligation model and continuity: enhanced policy enforcement engine for usage control
Proceedings of the 13th ACM symposium on Access control models and technologies
Towards secure and trusted collaboration environment for European public sector
COLCOM '07 Proceedings of the 2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing
A flexible architecture for enforcing and composing policies in a service-oriented environment
DAIS'07 Proceedings of the 7th IFIP WG 6.1 international conference on Distributed applications and interoperable systems
On usage control for GRID systems
Future Generation Computer Systems
Usage control enforcement - a survey
ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
Representation-Independent data usage control
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
| Hi-index | 0.00 |
In enterprise applications, regulatory and business policies are shifting their semantic from access to usage control requirements. The aim of such policies is to constrain the usage of groups of resources based on complex conditions that require not only state-keeping but also automatic reaction to state changes. We argue that these policies instantiate usage control requirements that can be enforced at the infrastructure layer. Extending a policy language that we prove equivalent to an enhanced version of the UCON model, we build on an instrumented message bus to enact these policies.