Challenging issues of UCON in modern computing environments

Authors:
Christos Grompanopoulos;Ioannis Mavridis
Affiliations:
University of Macedonia, Thessaloniki, Greece;University of Macedonia, Thessaloniki, Greece
Venue:
Proceedings of the Fifth Balkan Conference in Informatics
Year:
2012

Citing 13
Cited 0

Role-Based Access Control Models

Computer
Towards usage control models: beyond traditional access control

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Access Control: Policies, Models, and Mechanisms

FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Protection

ACM SIGOPS Operating Systems Review
Models, Protocols, and Architectures for Secure Pervasive Computing: Challenges and Research Directions

PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
The UCONABC usage control model

ACM Transactions on Information and System Security (TISSEC)
A logical specification for usage control

Proceedings of the ninth ACM symposium on Access control models and technologies
Formal model and policy specification of usage control

ACM Transactions on Information and System Security (TISSEC)
Security and Privacy Challenges in Open and Dynamic Environments

Computer
A note on the formalisation of UCON

Proceedings of the 12th ACM symposium on Access control models and technologies
Toward a Usage-Based Security Framework for Collaborative Computing Systems

ACM Transactions on Information and System Security (TISSEC)
Towards Differentiated Utilization of Attribute Mutability for Access Control in Ubiquitous Computing

PCI '10 Proceedings of the 2010 14th Panhellenic Conference on Informatics
Survey: Usage control in computer security: A survey

Computer Science Review

Quantified Score

Hi-index	0.00

Visualization

Abstract

Usage CONtrol (UCON) is a next generation access control model enhanced with capabilities presented in trust and digital rights management. However, modern computing environments are usually introducing complex usage scenarios. Such a complexity results in involving a large number of entities and in utilizing multi party contextual information during the decision making process of a particular usage. Moreover, usage control is demanded to support novel access modes on single or composite resources, while taking into account new socio-technical abstractions and relations. In this paper, a number of challenging issues faced when UCON is applied in modern computing environments are highlighted through the utilization of representative usage scenarios. The results of this study are revealing various limitations in contextual information handling, lack to support complicated usage modes of subjects on objects, and weaknesses in utilizing information concerning previous or current usages of system resources.