The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Ensuring integrity by adding obligations to privileges
ICSE '85 Proceedings of the 8th international conference on Software engineering
ICSE '81 Proceedings of the 5th international conference on Software engineering
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Obligation Policies: An Enforcement Platform
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Policy Analysis for Administrative Role Based Access Control
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
On the modeling and analysis of obligations
Proceedings of the 13th ACM conference on Computer and communications security
POLICY '07 Proceedings of the Eighth IEEE International Workshop on Policies for Distributed Systems and Networks
Privacy-aware role based access control
Proceedings of the 12th ACM symposium on Access control models and technologies
A general obligation model and continuity: enhanced policy enforcement engine for usage control
Proceedings of the 13th ACM symposium on Access control models and technologies
An obligation model bridging access control policies and privacy policies
Proceedings of the 13th ACM symposium on Access control models and technologies
Toward practical authorization-dependent user obligation systems
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Failure Feedback for User Obligation Systems
SOCIALCOM '10 Proceedings of the 2010 IEEE Second International Conference on Social Computing
A data sharing agreement framework
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Obligation language and framework to enable privacy-aware SOA
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Obligations and their interaction with programs
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
A policy language for distributed usage control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Formal enforcement and management of obligation policies
Data & Knowledge Engineering
Ensuring authorization privileges for cascading user obligations
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
The specification and compilation of obligation policies for program monitoring
Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security
Proceedings of the 18th ACM symposium on Access control models and technologies
Hi-index | 0.01 |
This paper is part of a project investigating authorization systems that assign obligations to users. We are particularly interested in obligations that require authorization to be performed and that, when performed, may modify the authorization state. In this context, a user may incur an obligation she is unauthorized to perform. Prior work has introduced a property of the authorization system state that ensures users will be authorized to fulfill their obligations. We call this property accountability because users that fail to perform authorized obligations are accountable for their non-performance. While a reference monitor can mitigate violations of accountability, it cannot prevent them entirely. This paper presents techniques to be used by obligation system managers to restore accountability. We introduce several notions of dependence among pending obligations that must be considered in this process. We also introduce a novel notion we call obligation pool slicing, owing to its similarity to program slicing. An obligation pool slice identifies a set of obligations that the administrator may need to consider when applying strategies proposed here for restoring accountability. The paper also presents the system architecture of an authorization system that incorporates obligations that can require and affect authorizations.