The temporal logic of reactive and concurrent systems
The temporal logic of reactive and concurrent systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
A temporal authorization model
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Role-Based Access Control Models
Computer
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
An authorization model for temporal data
Proceedings of the 7th ACM conference on Computer and communications security
A lattice model of secure information flow
Communications of the ACM
A logical framework for reasoning about access control models
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Lattice-Based Access Control Models
Computer
A Temporal Access Control Mechanism for Database Systems
IEEE Transactions on Knowledge and Data Engineering
Dependencies and separation of duty constraints in GTRBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Obligation Monitoring in Policy Management
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Using interval logics for temporal analysis of security protocols
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
A compositional framework for access control policies enforcement
Proceedings of the 2003 ACM workshop on Formal methods in security engineering
A Generalized Temporal Role-Based Access Control Model
IEEE Transactions on Knowledge and Data Engineering
Provisions and obligations in policy management and security applications
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Secure information sharing enabled by Trusted Computing and PEI models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
A usage-based authorization framework for collaborative computing systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Security analysis in role-based access control
ACM Transactions on Information and System Security (TISSEC)
Towards a VMM-based usage control framework for OS kernel integrity protection
Proceedings of the 12th ACM symposium on Access control models and technologies
A note on the formalisation of UCON
Proceedings of the 12th ACM symposium on Access control models and technologies
Toward a Usage-Based Security Framework for Collaborative Computing Systems
ACM Transactions on Information and System Security (TISSEC)
A general obligation model and continuity: enhanced policy enforcement engine for usage control
Proceedings of the 13th ACM symposium on Access control models and technologies
Model-based behavioral attestation
Proceedings of the 13th ACM symposium on Access control models and technologies
ACM Transactions on Information and System Security (TISSEC)
Modeling and Enforcing Advanced Access Control Policies in Healthcare Systems with Sectet
Models in Software Engineering
Logic-based Conflict Detection for Distributed Policies
Fundamenta Informaticae - Fundamentals of Software Engineering 2007: Selected Contributions
CRBAC: Imposing multi-grained constraints on the RBAC model in the multi-application environment
Journal of Network and Computer Applications
Towards movement-aware access control
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
StPowla: SOA, Policies and Workflows
Service-Oriented Computing - ICSOC 2007 Workshops
Integrating usage control with SIP-based communications
Journal of Computer Systems, Networks, and Communications
Remote Attestation of Attribute Updates and Information Flows in a UCON System
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Secure Interoperation in Multidomain Environments Employing UCON Policies
ISC '09 Proceedings of the 12th International Conference on Information Security
Specification and Enforcement of Static Separation-of-Duty Policies in Usage Control
ISC '09 Proceedings of the 12th International Conference on Information Security
Towards a Usage Control Policy Specification with Petri Nets
OTM '09 Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems: Part II
Towards a times-based usage control model
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Logic-based detection of conflicts in APPEL policies
FSEN'07 Proceedings of the 2007 international conference on Fundamentals of software engineering
Formalization of CTL* in calculus of inductive constructions
ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues
Monitoring security policies with metric first-order temporal logic
Proceedings of the 15th ACM symposium on Access control models and technologies
On usage control for GRID systems
Future Generation Computer Systems
Journal of Theoretical and Applied Electronic Commerce Research
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
Enforcing UCON policies on the enterprise service bus
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems: Part II
Applying a usage control model in an operating system kernel
Journal of Network and Computer Applications
Model-driven development of adaptable service-oriented business processes
Rigorous software engineering for service-oriented systems
Formal enforcement and management of obligation policies
Data & Knowledge Engineering
On practical specification and enforcement of obligations
Proceedings of the second ACM conference on Data and Application Security and Privacy
Policy monitoring in first-order temporal logic
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
A contextual attribute-based access control model
OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part II
ASRBAC: a security administration model for mobile autonomic networks (MAutoNets)
DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
A distributed authorization system with mobile usage control policies
EUROCAST'11 Proceedings of the 13th international conference on Computer Aided Systems Theory - Volume Part I
Implementation of access control model for distributed information systems using usage control
SIIS'11 Proceedings of the 2011 international conference on Security and Intelligent Information Systems
Survey: Usage control in computer security: A survey
Computer Science Review
Logic-based Conflict Detection for Distributed Policies
Fundamenta Informaticae - Fundamentals of Software Engineering 2007: Selected Contributions
Challenging issues of UCON in modern computing environments
Proceedings of the Fifth Balkan Conference in Informatics
Role approach in access control development with the usage control concept
CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
On the automated analysis of safety in usage control: a new decidability result
NSS'12 Proceedings of the 6th international conference on Network and System Security
An Integrated Approach for the Enforcement of Contextual Permissions and Pre-Obligations
International Journal of Mobile Computing and Multimedia Communications
Towards purpose enforcement model for privacy-aware usage control policy in distributed healthcare
International Journal of Security and Networks
Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication
Verification and enforcement of access control policies
Formal Methods in System Design
Hi-index | 0.00 |
The recent usage control model (UCON) is a foundation for next-generation access control models with distinguishing properties of decision continuity and attribute mutability. A usage control decision is determined by combining authorizations, obligations, and conditions, presented as UCONABC core models by Park and Sandhu. Based on these core aspects, we develop a formal model and logical specification of UCON with an extension of Lamport's temporal logic of actions (TLA). The building blocks of this model include: (1) a set of sequences of system states based on the attributes of subjects, objects, and the system, (2) authorization predicates based on subject and object attributes, (3) usage control actions to update attributes and accessing status of a usage process, (4) obligation actions, and (5) condition predicates based on system attributes. A usage control policy is defined as a set of temporal logic formulas that are satisfied as the system state changes. A fixed set of scheme rules is defined to specify general UCON policies with the properties of soundness and completeness. We show the flexibility and expressive capability of this formal model by specifying the core models of UCON and some applications.