SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
Possibilistic Definitions of Security - An Assembly Kit
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
A logical specification for usage control
Proceedings of the ninth ACM symposium on Access control models and technologies
Efficient monitoring of safety properties
International Journal on Software Tools for Technology Transfer (STTT) - Special section on tools and algorithms for the construction and analysis of systems
RIFLE: An Architectural Framework for User-Centric Information-Flow Security
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Labels and event processes in the asbestos operating system
Proceedings of the twentieth ACM symposium on Operating systems principles
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Quantitative information flow as network flow capacity
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Securing distributed systems with information flow control
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Usage Control Enforcement: Present and Future
IEEE Security and Privacy
Ponder2 - A Policy Environment for Autonomous Pervasive Systems
POLICY '08 Proceedings of the 2008 IEEE Workshop on Policies for Distributed Systems and Networks
Enforcing DRM policies across applications
Proceedings of the 8th ACM workshop on Digital rights management
The Power of Events: An Introduction to Complex Event Processing in Distributed Enterprise Systems
RuleML '08 Proceedings of the International Symposium on Rule Representation, Interchange and Reasoning on the Web
Native Client: A Sandbox for Portable, Untrusted x86 Native Code
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Security Monitor Inlining for Multithreaded Java
Genoa Proceedings of the 23rd European Conference on ECOOP 2009 --- Object-Oriented Programming
Electronic Notes in Theoretical Computer Science (ENTCS)
International Journal of Information Security
State-Based Usage Control Enforcement with Data Flow Tracking using System Call Interposition
NSS '09 Proceedings of the 2009 Third International Conference on Network and System Security
Garm: cross application data provenance and policy enforcement
HotSec'09 Proceedings of the 4th USENIX conference on Hot topics in security
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Enforcing UCON policies on the enterprise service bus
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems: Part II
Distributed data usage control for web applications: a social network implementation
Proceedings of the first ACM conference on Data and application security and privacy
Data-centric multi-layer usage control enforcement: a social network example
Proceedings of the 16th ACM symposium on Access control models and technologies
Implementing Trust in Cloud Infrastructures
CCGRID '11 Proceedings of the 2011 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing
A policy language for distributed usage control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Deriving implementation-level policies for usage control enforcement
Proceedings of the second ACM conference on Data and Application Security and Privacy
Towards a policy enforcement infrastructure for distributed usage control
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Data usage control enforcement in distributed systems
Proceedings of the third ACM conference on Data and application security and privacy
Model-Based usage control policy derivation
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
On quantitative dynamic data flow tracking
Proceedings of the 4th ACM conference on Data and application security and privacy
| Hi-index | 0.00 |
Usage control is concerned with what happens to data after access has been granted. In the literature, usage control models have been defined on the grounds of events that, somehow, are related to data. In order to better cater to the dimension of data, we extend a usage control model by the explicit distinction between data and representation of data. A data flow model is used to track the flow of data in-between different representations. The usage control model is then extended so that usage control policies can address not just one single representation (e.g., delete file1.txt after thirty days) but rather all representations of the data (e.g., if file1.txt is a copy of file2.txt, also delete file2.txt). We present three proof-of-concept implementations of the model, at the operating system level, at the browser level, and at the X11 level, and also provide an ad-hoc implementation for multi-layer enforcement.