A Trustworthy Usage Control Enforcement Framework

Authors:
Ricardo Neisse;Alexander Pretschner;Valentina Di Giacomo
Affiliations:
Information Systems Quality ISQ, Fraunhofer IESE, Kaiserslautern, Germany;Department of Computer Science, TU München, Garching, Germany;Engineering Ingegneria Informatica, Rome, Italy
Venue:
International Journal of Mobile Computing and Multimedia Communications
Year:
2013

Citing 15
Cited 0

Temporal Logic with Forgettable Past

LICS '02 Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science
Real-time programming and asynchronous message passing

PODC '83 Proceedings of the second annual ACM symposium on Principles of distributed computing
The UCONABC usage control model

ACM Transactions on Information and System Security (TISSEC)
Efficient monitoring of safety properties

International Journal on Software Tools for Technology Transfer (STTT) - Special section on tools and algorithms for the construction and analysis of systems
Improving host security with system call policies

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Mechanisms for usage control

Proceedings of the 2008 ACM symposium on Information, computer and communications security
A general obligation model and continuity: enhanced policy enforcement engine for usage control

Proceedings of the 13th ACM symposium on Access control models and technologies
Ponder2 - A Policy Environment for Autonomous Pervasive Systems

POLICY '08 Proceedings of the 2008 IEEE Workshop on Policies for Distributed Systems and Networks
The Power of Events: An Introduction to Complex Event Processing in Distributed Enterprise Systems

RuleML '08 Proceedings of the International Symposium on Rule Representation, Interchange and Reasoning on the Web
On Regular Temporal Logics with Past,

ICALP '09 Proceedings of the 36th Internatilonal Collogquium on Automata, Languages and Programming: Part II
Distributed data usage control for web applications: a social network implementation

Proceedings of the first ACM conference on Data and application security and privacy
Implementing Trust in Cloud Infrastructures

CCGRID '11 Proceedings of the 2011 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing
A Trustworthy Usage Control Enforcement Framework

ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security
An overview of the MOP runtime verification framework

International Journal on Software Tools for Technology Transfer (STTT) - Runtime Verification
A policy language for distributed usage control

ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Usage control policies specify restrictions on the handling of data after access has been granted. The authors present the design and implementation of a framework for enforcing usage control requirements and demonstrate its genericity by instantiating it to two different levels of abstraction, those of the operating system and an enterprise service bus. This framework consists of a policy language, an automatic conversion of policies into enforcement mechanisms, and technology implemented on the grounds of trusted computing technology that makes it possible to detect tampering with the infrastructure. The authors show how this framework can, among other things, be used to enforce separation-of-duty policies. The authors provide a performance analysis.