Abstract
Currently, the rapid development of information technology requires also the additional features for access control domain. The information is more and more distributed through the networks or federation of numerous information systems located in different places in a country or on the globe. In order to meet the requirements and problems of modern access control, a new implementation of access control model, called implementation of Role-based Usage Control (iRBUC) model is proposed. Proposed iRBUC assures the usage control in accessing data, which is very important especially in distributed information systems, and assures the organization of access control strategies well-described in RBAC (Role-Based Access Control) model or its extensions.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Castaro, S., Fugini, M., Martella, G., Samarati, P.: Database Security. Addison-Wesley (1994)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)
Sandhu, R.S., Samarati, P.: Access Control: Principles and Practice. IEEE Communication 32(9), 40–48 (1994)
Ferraiolo, D., Sandhu, R.S., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed NIST Role-Based Access control. ACM TISSEC (2001)
Booch, G., Rumbaugh, J., Jacobson, I.: The Unified Modeling Language User Guide. Addison Wesley (1998)
Ahn, G.-J.: The RCL 2000 Language for Specifying Role-Based Authorization Constraints. ACM Transactions on Information and Systems Security (1999)
Ahn, G.-J., Sandhu, R.S.: Role-based Authorization Constraints Specification. ACM Transactions on Information and Systems Security (2000)
Poniszewska-Maranda, A., Goncalves, G., Hemery, F.: Representation of extended RBAC model using UML language. In: Vojtáš, P., Bieliková, M., Charron-Bost, B., Sýkora, O. (eds.) SOFSEM 2005. LNCS, vol. 3381, pp. 413–417. Springer, Heidelberg (2005)
Goncalves, G., Poniszewska-Maranda, A.: Role engineering: from design to evaluation of security schemas. Journal of Systems and Software 81(8), 1306–1326 (2008)
Poniszewska-Maranda, A.: Access Control Models in Heterogeneous Information Systems: from Conception to Exploitation. In: Proc. of IEEE International Multiconference on Computer Science and Information Technology, Wisla, Poland (2008)
Lampson, B.W.: Protection. ACM Operating Systems Review 8(1), 18–24 (1974)
Dows, D., Rub, J., Kung, K., Jordan, C.: Issues in discretionary access control. In: IEEE Symposium on Research in Security and Privacy, pp. 208–218 (1985)
Bell, D., Lapadulla, L.: Secure computer systems: Unified exposition and multics interpretation, Mitre Corporation (1975)
Bertino, E., Bettini, C., Samarati, P.: A Temporal Access Control Mechanism for Database Systems. IEEE TKDE 8(1) (1996)
Bertino, E., Bonatti, P., Ferrari, E.: A Temporal Role-based Access Control Model. ACM TISSEC 4(3), 191–233 (2001)
Gal, A., Atluri, V.: An Authorization Model for Temporal Data. ACM Transaction on Information and System Security 5(1) (2002)
James, B., Joshi, E., Bertino, U., Latif, A., Ghafoo, A.: A Generalized Temporal Role-Based Access Control Model. IEEE Transitions on Knowledge and Data Engineering 17(1), 4–23 (2005)
Park, J., Sandhu, R.: The UCON ABC Usage Control Model. ACM Transactions on Information and System Security 7 (2004)
Park, J., Zhang, X., Sandhu, R.: Attribute Mutability in Usage Control. In: 18th IFIP WG 11.3 Working Conference on Data and Applications Security (2004)
Lazouski, A., Martinelli, F., Mori, P.: Usage control in computer security: A survey. Computer Science Review 4(2), 81–99 (2010)
Pretschner, A., Hilty, M., Basin, D.: Distributed usage control. Communications of the ACM 49(9) (2006)
Zhang, X., Parisi-Presicce, F., Sandhu, R., Park, J.: Formal Model and Policy Specification of Usage Control. ACM TISSEC 8(4), 351–387 (2005)
Jiang, Z., Hu, S., Gan, S., Shu, Y.: Research on an UCON model supporting distributed management. In: Proc. of ICIA 2008, pp. 1520–1524 (2008)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Poniszewska-Maranda, A. (2012). Implementation of Access Control Model for Distributed Information Systems Using Usage Control. In: Bouvry, P., Kłopotek, M.A., Leprévost, F., Marciniak, M., Mykowiecka, A., Rybiński, H. (eds) Security and Intelligent Information Systems. SIIS 2011. Lecture Notes in Computer Science, vol 7053. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25261-7_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-25261-7_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25260-0
Online ISBN: 978-3-642-25261-7
eBook Packages: Computer ScienceComputer Science (R0)