Enhancing optimistic access controls with usage control

Authors:
Keshnee Padayachee;J. H. P. Eloff
Affiliations:
University of South Africa, School of Computing, Pretoria;Department of Computer Science, University of Pretoria, Pretoria
Venue:
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Year:
2007

Citing 13
Cited 1

Computer security basics

Computer security basics
Role-Based Access Control Models

Computer
Security in computing

Security in computing
An initial assessment of aspect-oriented programming

Proceedings of the 21st international conference on Software engineering
Optimistic security: a new access control paradigm

Proceedings of the 1999 workshop on New security paradigms
Getting started with ASPECTJ

Communications of the ACM
A new dimension in access control: studying maintenance engineering across organizational boundaries

CSCW '02 Proceedings of the 2002 ACM conference on Computer supported cooperative work
Information Flow Control in Object-Oriented Systems

IEEE Transactions on Knowledge and Data Engineering
Security Through Aspect-Oriented Programming

Proceedings of the IFIP TC11 WG11.4 First Annual Working Conference on Network Security: Advances in Network and Distributed Systems Security
Role Locks to Prevent Illegal Information Flow among Objects

AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
An architecture for privacy-sensitive ubiquitous computing

Proceedings of the 2nd international conference on Mobile systems, applications, and services
Fine-Granularity Access Control in 3-Tier Laboratory Information Systems

IDEAS '05 Proceedings of the 9th International Database Engineering & Application Symposium
Uniform Application-level Access Control Enforcement of Organizationwide Policies

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference

Computer-supported access control

ACM Transactions on Computer-Human Interaction (TOCHI)

Quantified Score

Hi-index	0.00

Visualization

Abstract

With the advent of agile programming, lightweight software processes are being favoured over the highly formalised approaches of the past. Likewise, access control may benefit from a less prescriptive approach with an increasing reliance on users to behave ethically. These ideals correlate with optimistic access controls. However, ensuring that users behave in a trustworthy manner may require more than optimistic access controls. This paper investigates the possibility of enhancing optimistic access controls with usage control to ensure that users conduct themselves in a trustworthy manner. Usage control enables finer-grained control over the usage of digital objects than do traditional access control policies and models. Further to ease the development and maintenance of usage control measures, it is posited that it is completely separated from the application logic by using aspect-oriented programming.