While preventative policy enforcement mechanisms can provide theoretical guarantees that policy is correctly enforced, they have limitations in practice. They are inflexible when unanticipated circumstances arise, and most are either inflexible with respect to the policies they can enforce or incapable of continuing to enforce policies on data objects as they move from one system to another. In this paper we propose an approach to enforcing policies not by preventing unauthorized use, but rather by deterring it. We believe this approach is complementary to preventative policy enforcement. We call our approach APPLE for A-Posteriori PoLicy Enforcement. We introduce APPLE Core, a logical framework for using logs to verify that actions taken by the system were authorized. A trust management system is used to ensure that data objects are provided only to users operating on auditable systems who are subject to penalty should they be found in violation. This combination of audit and accountability provides a deterrence that strongly encourages trustworthy behavior, thereby allowing a high level of assurance of end-to-end policy enforcement.