A Distributed Authorization System with Mobile Usage Control Policies

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 6927)

Abstract

Distributed systems, such as the Cloud, are widely used for solving large problems, because they provide big computational power at a low cost. From the security point of view, distributed systems pose new challenges, because the applications running on the components of the system could cooperate to access the system’s resources. Hence, the security support should consider all the accesses performed by the applications run by the same user on distinct nodes of a distributed system as the behaviour of that user. To address this problem, this paper proposes mobile usage control policies that, besides regulating the usage of the system resources, also define the exchange of some policy fragments among the nodes of the distributed system. In this way, the usage of resources performed on one node of the distributed system affects the right of accessing resources on other nodes of the system. A reference scenario where mobile usage control policies could be successfully adopted is the Cloud environment.

This work was supported by the FP7 projects Open Computing Infrastructures for Elastic Services (CONTRAIL) and Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSOS).


Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Martinelli, F., Mori, P. (2012). A Distributed Authorization System with Mobile Usage Control Policies. In: Moreno-Díaz, R., Pichler, F., Quesada-Arencibia, A. (eds) Computer Aided Systems Theory – EUROCAST 2011. EUROCAST 2011. Lecture Notes in Computer Science, vol 6927. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27549-4_8

  • DOI: https://doi.org/10.1007/978-3-642-27549-4_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-27548-7

  • Online ISBN: 978-3-642-27549-4

  • eBook Packages: Computer Science, Computer Science (R0)
