Optimistic security: a new access control paradigm
Proceedings of the 1999 workshop on New security paradigms
Towards usage control models: beyond traditional access control
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Digital rights management for content distribution
ACSW Frontiers '03 Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003 - Volume 21
Attestation-based policy enforcement for remote access
Proceedings of the 11th ACM conference on Computer and communications security
Peer-to-peer access control architecture using trusted computing technology
Proceedings of the tenth ACM symposium on Access control models and technologies
Towards Continuous Usage Control on Grid Computational Services
ICAS-ICNS '05 Proceedings of the Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services
Communications of the ACM - Privacy and security in highly dynamic systems
Improving host security with system call policies
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
A technical architecture for enforcing usage control requirements in service-oriented architectures
Proceedings of the 2007 ACM workshop on Secure web services
Communications of the ACM - Organic user interfaces
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Security Enforcement Model for Distributed Usage Control
SUTC '08 Proceedings of the 2008 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (sutc 2008)
A general obligation model and continuity: enhanced policy enforcement engine for usage control
Proceedings of the 13th ACM symposium on Access control models and technologies
Usage Control Enforcement: Present and Future
IEEE Security and Privacy
Enforcing "sticky" security policies throughout a distributed application
Proceedings of the 2008 workshop on Middleware security
On Usage Control for GRID Services
CSO '09 Proceedings of the 2009 International Joint Conference on Computational Sciences and Optimization - Volume 01
Policy Evolution in Distributed Usage Control
Electronic Notes in Theoretical Computer Science (ENTCS)
State-Based Usage Control Enforcement with Data Flow Tracking using System Call Interposition
NSS '09 Proceedings of the 2009 Third International Conference on Network and System Security
On usage control for GRID systems
Future Generation Computer Systems
The case for ubiquitous transport-level encryption
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Distributed data usage control for web applications: a social network implementation
Proceedings of the first ACM conference on Data and application security and privacy
Data-centric multi-layer usage control enforcement: a social network example
Proceedings of the 16th ACM symposium on Access control models and technologies
Implementing Trust in Cloud Infrastructures
CCGRID '11 Proceedings of the 2011 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing
Deriving implementation-level policies for usage control enforcement
Proceedings of the second ACM conference on Data and Application Security and Privacy
Augmenting the web with accountability
Proceedings of the 21st international conference companion on World Wide Web
Representation-Independent data usage control
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Towards a policy enforcement infrastructure for distributed usage control
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Flexible Data-Driven Security for Android
SERE '12 Proceedings of the 2012 IEEE Sixth International Conference on Software Security and Reliability
A policy language for distributed usage control
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
| Hi-index | 0.00 |
Distributed usage control is concerned with how data may or may not be used in distributed system environments after initial access has been granted. If data flows through a distributed system, there exist multiple copies of the data on different client machines. Usage constraints then have to be enforced for all these clients. We extend a generic model for intra-system data flow tracking---that has been designed and used to track the existence of copies of data on single clients---to the cross-system case. When transferring, i.e., copying, data from one machine to another, our model makes it possible to (1) transfer usage control policies along with the data to the end of local enforcement at the receiving end, and (2) to be aware of the existence of copies of the data in the distributed system. As one example, we concretize "transfer of data" to the Transmission Control Protocol (TCP). Based on this concretized model, we develop a distributed usage control enforcement infrastructure that generically and application-independently extends the scope of usage control enforcement to any system receiving usage-controlled data. We instantiate and implement our work for OpenBSD and evaluate its security and performance.