The schematic protection model: its definition and analysis for acyclic attenuating schemes
Journal of the ACM (JACM)
Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
A Linear Time Algorithm for Deciding Subject Security
Journal of the ACM (JACM)
On the decidability of accessibility problems (extended abstract)
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
A lattice model of secure information flow
Communications of the ACM
Protection in operating systems
Communications of the ACM
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Introduction to the Theory of Computation: Preliminary Edition
Introduction to the Theory of Computation: Preliminary Edition
Safety Analysis of the Dynamic-Typed Access Matrix Model
ESORICS '00 Proceedings of the 6th European Symposium on Research in Computer Security
Decidability of Safety in Graph-Based Models for Access Control
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
A logical specification for usage control
Proceedings of the ninth ACM symposium on Access control models and technologies
Security analysis in role-based access control
Proceedings of the ninth ACM symposium on Access control models and technologies
Remote Attestation of Attribute Updates and Information Flows in a UCON System
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Scalable remote attestation with privacy protection
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Survey: Usage control in computer security: A survey
Computer Science Review
On the automated analysis of safety in usage control: a new decidability result
NSS'12 Proceedings of the 6th international conference on Network and System Security
Verification and enforcement of access control policies
Formal Methods in System Design
| Hi-index | 0.00 |
The usage control (UCON) model was introduced as a unified approach to capture a number of extensions for traditional access control models. While the policy specification flexibility and expressive power of this model have been studied in previous work, as a related and fundamental problem, the safety analysis of UCON has not been explored. This paper presents two fundamental safety results for UCONA, a sub-model of UCON only considering authorizations. In UCONA, an access control decision is based on the subject and/or the object attributes, which can be changed as the side-effects of using the access right, resulting in possible changes to future access control decisions. Hence the safety question in UCONA is all the more pressing since every access can potentially enable additional permissions due to the mutability of attributes in UCON. In this paper, first we show that the safety problem is in general undecidable. Then, we show that a restricted form of UCONA with finite attribute value domains and acyclic attribute creation relation has a decidable safety property. The decidable model maintains good expressive power as shown by specifying an RBAC system with a specific user-role assignment scheme and a DRM application with consumable rights.