Usage control model specification in XACML policy language

Authors:
Um-e-Ghazia;Rahat Masood;Muhammad Awais Shibli;Muhammad Bilal
Affiliations:
National University of Science and Technology, Islamabad, Pakistan;National University of Science and Technology, Islamabad, Pakistan;National University of Science and Technology, Islamabad, Pakistan;National University of Science and Technology, Islamabad, Pakistan
Venue:
CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
Year:
2012

Citing 11
Cited 0

Towards usage control models: beyond traditional access control

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
The UCONABC usage control model

ACM Transactions on Information and System Security (TISSEC)
A logical specification for usage control

Proceedings of the ninth ACM symposium on Access control models and technologies
An extended RBAC profile of XACML

Proceedings of the 3rd ACM workshop on Secure web services
Formal model and analysis of usage control

Formal model and analysis of usage control
Toward a Usage-Based Security Framework for Collaborative Computing Systems

ACM Transactions on Information and System Security (TISSEC)
A general obligation model and continuity: enhanced policy enforcement engine for usage control

Proceedings of the 13th ACM symposium on Access control models and technologies
Secure Interoperation in Multidomain Environments Employing UCON Policies

ISC '09 Proceedings of the 12th International Conference on Information Security
Access Control of Cloud Service Based on UCON

CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Review: A survey on security issues in service delivery models of cloud computing

Journal of Network and Computer Applications
Survey: Usage control in computer security: A survey

Computer Science Review

Quantified Score

Hi-index	0.00

Visualization

Abstract

Usage control model (UCON) is one of the emerging and comprehensive attribute based access control model that has the ability of monitoring the continuous updates in a system making it better than the other models of access control. UCON is suitable for the distributed environment of grid and cloud computing platforms however the proper formulation of this model does not exist in literature in any policy specification standard. It is for this reason that UCON is not widely adopted as an access control model by industry, though research community is now paying attention to make standard policy specification for this model. In this paper we are suggesting the interpretation of UCON model in extensible access control markup language (XACML) which is an OASIS standard of access control policies. We also highlight UCON model features by explaining its core processes and characteristics with respect to the case study of financial application.