ABSTRACT
The usage control model (UCON) has been proposed to augment traditional access control models by integrating authorizations, obligations, and conditions and providing the properties of decision continuity and attribute mutability. Several recent work have applied UCON to support security requirements in different computing environments such as resource sharing in collaborative computing systems and data control in remote platforms. In this paper we identify two individual but interrelated problems of the original UCON model and recent implementations: oversimplifying the concept of usage session of the model, and the lack of comprehensive ongoing enforcement mechanism of implementations. We extend the core UCON model with continuous usage sessions thus extensively augment the expressiveness of obligations in UCON, and then propose a general, continuity-enhanced and configurable usage control enforcement engine. Finally we explain how our approach can satisfy flexible security requirements with an implemented prototype for a healthcare information system.
- {ACF}ITU-T Rec X.812 (1995) | ISO/IEC 10181-3:1996. Security frameworks for open systems: Access control framework. Technical report, 1996.]]Google Scholar
- B. Agreiter, M. Alam, R. Breu, M. Hafner, A. Pretschner, J.-P. Seifert, and X. Zhang. A technical architecture for enforcing usage control requirements in service-oriented architectures. In Proc. ACM workshop on Secure web services, 2007.]] Google ScholarDigital Library
- M. Alam, M. Hafner, M. Memon, and P. Hung. Modeling and enforcing advanced access control policies in healthcare systems with sectet. Mothis, 2007.]]Google Scholar
- C. Bettini, S. Jajodia, X. SeanWang, and D. Wijesekera. Provisions and obligations in policy rule management. J. Network and System Mgmt., 2003.]] Google ScholarDigital Library
- C. Bettini, S. Jajodia, X. Sean Wang, and D. Wijesekera. Obligation monitoring in policy management. IEEE 3rd Intern. Workshop on Policies for Distributed Systems and Networks, 2002.]] Google ScholarDigital Library
- C. Bettini, S. Jajodia, X. Sean Wang, and D. Wijesekera. Provisions and obligations in policy management and security applications. In Proc. of the 28th VLDB Conference ,Hong Kong, China, 2002.]] Google ScholarDigital Library
- N. Damianou, N. Dulay, E. Lupu, and M. Sloman. The ponder policy specification language. Lecture Notes in Computer Science, 2001.]] Google ScholarDigital Library
- P. Gama and P. Ferreira. Obligation policies: An enforcement platform. In Sixth IEEE International Workshop on Policies for Distributed Systems and Networks, 2005.]] Google ScholarDigital Library
- P. Gama, C. Ribeiro, and P. Ferreira. A scalable history-based policy engine. In Seventh IEEE International Workshop on Policies for Distributed Systems and Networks, 2006.]] Google ScholarDigital Library
- M. Hafner, R. Mair, R. Breu, B. Agreiter, S. Unterthiner, and T. Schabetsberger. Health@net. Die verteilte elektronische gesundheitsakte- eine fallstudie in modell-getriebenem security engineering. IT-Sicherheitskongress des BSI, 2007.]]Google Scholar
- M. Hilty, D. Basin, and A. Pretschner. On obligations. In Proc. of European Symposium on Research in Computer Security, 2005.]] Google ScholarDigital Library
- M. Hilty, A. Pretschner, D. Basin, C. Schaefer, and T. Walter. A policy language for distributed usage control. In Proc. of the 12th European Symposium on Research in Computer Security, 2007.]] Google ScholarDigital Library
- Keith Irwin, Ting Yu, and William H. Winsborogh. On the modeling and analysis of obligations. In Proc. of ACM Conference on Computer and Communications Security, 2006.]] Google ScholarDigital Library
- J. Park and R. Sandhu. The ucon abc usage control model. ACM Transactions of Information and System Security, 7(1):128--174, 2004.]] Google ScholarDigital Library
- J. Park and R. Sandhu. Towards usage control models: Beyond traditional access control. In Proc. of ACM symposium on Access control models and technologies, 2002.]] Google ScholarDigital Library
- J. Park, X. Zhang, and R. S. Sandhu. Attribute mutability in usage control. In Proc. of the Annual IFIP WG 11.3 Working Conference on Data and Applications Security,, 2004.]]Google ScholarCross Ref
- A. Pretschner, M. Hilty, and D. Basin. Distributed usage control. Communication of the ACM , 49(9):39--44, 2006.]] Google ScholarDigital Library
- A. Pretschner, M. Hilty, F. Casati, and F. Massacci. Usage control in service-oriented architecture. In Proc. of the 4th Intl. Conf. on Trust, Privacy & Security in Digital Business, 2007.]] Google ScholarDigital Library
- C. Ribeiro, A. Zuquete, P. Ferreira, and P. Guede. Spl: An access control language for security policies with complex constraints. In Proc. of the Network and Distributed System Security Symposium, 2001.]]Google Scholar
- R. Sailer, T. Jaeger, X. Zhang, and L. van Doorn. Attestation based policy enforcement for remote access. ACM Conference on Computer and Communications Security, 2004.]] Google ScholarDigital Library
- R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and implementation of tcg based integrity measurement systems. In Proc. of the 13th conference on USENIX Security, 2004.]] Google ScholarDigital Library
- R. Sandhu and J. Park. Usage control: A vision for the next generation access control. Inter. Workshop on Mathematical Methods,Models and Architectures for Computer Networks Security, 2003.]]Google ScholarCross Ref
- R. Sandhu, K. Ranganathan, and X. Zhang. Secure information sharing enabled by trusted computing and pei models. In Proc. of ACM Symposium on Information, computer and communications security, 2006.]] Google ScholarDigital Library
- R. Sandhu and X. Zhang. Peer-to-peer access control architecture using trusted computing technology. In Proc. of ACM symposium on Access control models and technologies, 2005.]] Google ScholarDigital Library
- S. Unterthiner, M. Hafner, R.Breu, and T. Schabetsberger. Endpoint security in elga architekturen. eHealth-Medical Informatics meets eHealth. Vienna, 2007.]]Google Scholar
- G. Vogt. Multiple authoriztion- a model and architecture for increased, practical security. In Proc. of IFIP/IEEE Symposium on Integrated Network Management, 2003.]]Google Scholar
- G. Yee, L. Korba, and R. Song. Ensuring privacy for e-health services. In Proc. of The First International Conference on Availability, Reliability and Security, 2006.]] Google ScholarDigital Library
- X. Zhang, M. Nakae, M. J. Convington, and R. Sandhu. A usage-based authorization framework for collaborative computing systems. In Proc. of ACM Symposium on Access Control Models and Technologies, 2006.]] Google ScholarDigital Library
- X. Zhang, F. Parisi-Presicce, R. Sandhu, and J. Park. Formal model and policy specification of usage control. ACM Transactions on Information and System Security, 8(4):351--387, 2005.]] Google ScholarDigital Library
Index Terms
- A general obligation model and continuity: enhanced policy enforcement engine for usage control
Recommendations
An obligation model bridging access control policies and privacy policies
SACMAT '08: Proceedings of the 13th ACM symposium on Access control models and technologiesIn this paper, we present a novel obligation model for the Core Privacy-aware Role Based Access Control (P-RBAC), and discuss some design issues in detail. Pre-obligations, post-obligations, conditional obligations, and repeating obligations are ...
The specification and compilation of obligation policies for program monitoring
ASIACCS '12: Proceedings of the 7th ACM Symposium on Information, Computer and Communications SecurityAn extensible software system must protect its resources from being abused by untrusted software extensions. The access control policies of such systems are traditionally enforced by reference monitors. Recent study of access control policies advocates ...
Revocation of obligation and authorisation policy objects
DBSec'05: Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications SecurityIn [Schaad and Moffett, 2002] we have presented our initial investigations into the delegation of obligations and the concept of review as one kind of organisational principle to control such delegation activities. This initial work led us to a more ...
Comments