Abstract
Usage Control (UCON) model has been considered as the next generation access control model, its distinguishing properties of attribute mutability and decision continuity were more suit for dynamic and open network environment. Just a single usage process was described in form of a state diagram in early formalization, it make it difficult to reason about the interactions of several concurrent usage control process. There were have many formal specifications of Usage Control model. But that formalization all are ambiguous about the interactions of several concurrent usage control process. In this paper we introduced the formal description of UCONABC model and presented an alternative formalization of UCON using extended Computation Tree Logic (CTL) as the underlying formalism. The branching-time character of CTL makes it more naturally on the specification of concurrent enforcement and makes specify the usage control security policy better.
This work is partially supported by the Special topics for Jiangsu Education Science 13th Five-Year plan 2016(X-a/2016/08).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Park, J., Sandhu, R.: The UCONABC Usage Control Model. ACM Trans. Inf. Syst. Secur. 7(1), 128–174 (2004)
Zhang, X.W., Park, J., Presicce, F.P., et al.: A logical specification for usage control. In: Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, pp. 1–10. ACM, New York (2004)
Zhang, X.W., Presicces, F.P., Sandhu, R., et al.: Formal model and policy specification of usage control. ACM Trans. Inf. Syst. Secur. 8(4), 351–387 (2005)
Janicke, H., Cau, A., Zedan, H.: A note on the formalisation of UCON. In: Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, pp. 163–168. ACM, New York (2007)
Janicke, H., Cau, A., Siewe, F., et al.: Concurrent enforcement of usage control policies. In: Proceedings of the 2008 IEEE Workshop on Policies for Distributed Systems and Networks, pp. 111–118. IEEE Computer Society, Washington (2008)
Hilty, M., Pretschner, A., Basin, D., Schaefer, C., Walter, T.: A policy language for distributed usage control. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 531–546. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74835-9_35
Teigão, R., Maziero, C., Santin, A.: A grammar for specifying usage control policies. In: 2007 IEEE International Conference on Communications, pp. 1379–1384. IEEE Computer Society, Washington (2007)
Martinelli, F., Mori, P.: A model for usage control in GRID systems. In: Proceedings of the 3rd International Conference on Security and Privacy in Communication Networks, pp. 169–175. IEEE, Washington (2007)
Katt, B., Zhang, X., Hafner, M.: Towards a usage control policy specification with Petri Nets. In: Meersman, R., Dillon, T., Herrero, P. (eds.) OTM 2009. LNCS, vol. 5871, pp. 905–912. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-05151-7_11
Basin, D., Klaedtke, F., Müller, S.: Monitoring security policies with metric first-order temporal logic. In: Proceedings of the 15th ACM Symposium on Access Control Models and Technologies, pp. 23–33. ACM, New York (2010)
Lazouski, A., Martinelli, F., Mori, P.: Usage control in computer security: a survey. Comput. Sci. Rev. 4(2), 81–99 (2010)
Grompanopoulos, C., Gouglidis, A., Mavridis, I.: A use-based approach for enhancing UCON. In: Security and Trust Management, pp. 81–96 (2013)
Gouglidis, A., Mavridis, I., Vincent, C.H.: Security policy verification for multi-domains in cloud systems. Int. J. Inf. Secur. 13(2), 97–111 (2014)
Zhou, C.H., Chen, W.H., Liu, Z.F.: Formal specification and security verification of usage control model based on PAT. Chin. J. Network Inf. Secur. (2016)
Gouglidis, A., Grompanopoulos, C., Mavridou, A.: Formal verification of usage control models: a case study of UseCON Using TLA+. http://cn.arxiv.org/pdf/1806.09848v1. Accessed 2 Aug 2018
Meijuan, W., Jian, W., Lihong, G., et al.: Inverted XML access control model based on ontology semantic dependency. CMC: Comput. Mater. Continua 55(3), 465–482 (2018)
Huth, M., Ryan, M.: Logic in Computer Science: Modelling and Reasoning about Systems, 2nd edn. Cambridge University Press, Cambridge (2004)
Suzhen, W., Lu, Z., Yanpiao, Z., et al.: Natural language semantic construction based on cloud database. CMC: Comput. Mater. Continua 57(3), 603–619 (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Lili, X., Zhigang, Z. (2019). Formal Specification of Concurrent Enforcement UCON Model with CTL Logic. In: Sun, X., Pan, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2019. Lecture Notes in Computer Science(), vol 11633. Springer, Cham. https://doi.org/10.1007/978-3-030-24265-7_54
Download citation
DOI: https://doi.org/10.1007/978-3-030-24265-7_54
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-24264-0
Online ISBN: 978-3-030-24265-7
eBook Packages: Computer ScienceComputer Science (R0)