Adapting the UCON_ABC Usage Control Policies on CORBASec Infrastructure

Authors:
Lau Cheuk Lung;Marcelo Shinji Higashiyama;Rafael R. Obelheiro;Joni da Silva Fraga
Affiliations:
Pontifical Catholic University of Parana, Brazil;Pontifical Catholic University of Parana, Brazil;Pontifical Catholic University of Parana, Brazil;Pontifical Catholic University of Parana, Brazil
Venue:
AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 01
Year:
2007

Citing 0
Cited 1

Survey: Usage control in computer security: A survey

Computer Science Review

Quantified Score

Hi-index	0.00

Visualization

Abstract

The JaCoWeb-ABC infrastructure is an extension of the CORBASec specification that applies the UCON_ABC access control model to its security layer. JaCoWeb- ABC defines configurable access controls that deploy authorization, obligation and condition policies. These security policies can be defined in two different manners. The first one is totally transparent to applications, for cases where JaCoWeb-ABC has all the necessary information for the access decision process, and the second one works together with applications, in cases where security controls depend on external information that must be supplied by the application. Combining these two functionalities allows for a much more accurate and strict control over the actions of users within a system, making it possible to block access in case inappropriate behavior is identified.