On the modeling and analysis of obligations
Proceedings of the 13th ACM conference on Computer and communications security
Infrastructural Support for Enforcing and Managing Distributed Application-Level Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
A general obligation model and continuity: enhanced policy enforcement engine for usage control
Proceedings of the 13th ACM symposium on Access control models and technologies
An obligation model bridging access control policies and privacy policies
Proceedings of the 13th ACM symposium on Access control models and technologies
Reaction Policy Model Based on Dynamic Organizations and Threat Context
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
An Extended Role-Based Access Control Model for Delegating Obligations
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
An ontology-based approach to react to network attacks
International Journal of Information and Computer Security
Toward practical authorization-dependent user obligation systems
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Negotiating and delegating obligations
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
On the management of user obligations
Proceedings of the 16th ACM symposium on Access control models and technologies
Formal enforcement and management of obligation policies
Data & Knowledge Engineering
Survey Paper: A survey on policy languages in network and security management
Computer Networks: The International Journal of Computer and Telecommunications Networking
On practical specification and enforcement of obligations
Proceedings of the second ACM conference on Data and Application Security and Privacy
A data sharing agreement framework
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Obligation language and framework to enable privacy-aware SOA
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
Ensuring authorization privileges for cascading user obligations
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
Survey: Usage control in computer security: A survey
Computer Science Review
The use of policy-based mechanisms significantly reduces the complexity associated with application development and operation. In particular, history-based policies allow the system to base application access decisions on the evaluation of other actions executed in the past. Obligation-based policies enhance this concept with the possibility of enforcing that certain actions will be executed in the future. This is a necessary evolution because some semantics are either easier to express as obligations or cannot be specified using traditional authorization mechanisms. Currently, the absence of enforcement mechanisms for obligation-based policies forces the implementation of ad-hoc functional constraints. This increases development time and introduces security vulnerabilities into the policy engine. We present a policy platform called Heimdall, which supports the definition and enforcement of obligation-based policies. A prototype implementation is described, together with an evaluation that shows encouraging results.