skip to main content
10.1145/2295136.2295159acmconferencesArticle/Chapter ViewAbstractPublication PagessacmatConference Proceedingsconference-collections
demonstration

Towards a policy enforcement infrastructure for distributed usage control

Published: 20 June 2012 Publication History

Abstract

Distributed usage control is concerned with how data may or may not be used after initial access to it has been granted and is therefore particularly important in distributed system environments. We present an application- and application-protocol-independent infrastructure that allows for the enforcement of usage control policies in a distributed environment. We instantiate the infrastructure for transferring files using FTP and for a scenario where smart meters are connected to a Facebook application.

References

[1]
M. Harvan and A. Pretschner. State-Based Usage Control Enforcement with Data Flow Tracking using System Call Interposition. In Proc. 3rd International Conference on Network and System Security, pages 373--380, Oct. 2009.
[2]
P. Kumari, F. Kelbert, and A. Pretschner. Data Protection in Heterogeneous Distributed Systems: A Smart Meter Example. In Proc. Workshop on Dependable Software for Critical Infrastructures. GI Lecture Notes in Informatics, Oct. 2011.
[3]
P. Kumari and A. Pretschner. Deriving Implementation-level Policies for Usage Control Enforcement. In Proc. 2nd ACM Conference on Data and Application Security and Privacy, pages 83--94, Feb. 2012.
[4]
A. Pretschner, M. Hilty, and D. Basin. Distributed Usage Control. Communications of the ACM, pages 39--44, Sept. 2006.
[5]
A. Pretschner, M. Hilty, D. Basin, C. Schaefer, and T. Walter. Mechanisms for Usage Control. In Proc. 2008 ACM Symposium on Information, Computer and Communications Security, pages 240--244, Mar. 2008.
[6]
A. Pretschner, E. Lovat, and M. Büchler. Representation-Independent Data Usage Control. In Data Privacy Management and Autonomous Spontaneus Security, volume 7122 of Lecture Notes in Computer Science, pages 122--140, 2012.
[7]
N. Provos. Improving Host Security with System Call Policies. In Proc. 12th USENIX Security Symposium, June 2003.
[8]
R. Sandhu and J. Park. Usage Control: A Vision for Next Generation Access Control. In Computer Network Security, volume 2776 of Lecture Notes in Computer Science, pages 17--31. 2003.
[9]
D. Winer. XML-RPC, http://xmlrpc.scripting.com/, 1998.

Cited By

View all
  • (2021)Reasons and Strategies for Privacy Features in Tracking and Tracing Systems—A Systematic Literature ReviewSensors10.3390/s2113450121:13(4501)Online publication date: 30-Jun-2021
  • (2019)Usage control architecture options for data sovereignty in business ecosystemsJournal of Enterprise Information Management10.1108/JEIM-03-2018-005832:3(477-495)Online publication date: 4-Jun-2019
  • (2019)Designing a multi-sided data platform: findings from the International Data Spaces caseElectronic Markets10.1007/s12525-019-00362-xOnline publication date: 28-Aug-2019
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
SACMAT '12: Proceedings of the 17th ACM symposium on Access Control Models and Technologies
June 2012
242 pages
ISBN:9781450312950
DOI:10.1145/2295136
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 20 June 2012

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. distributed usage control
  2. policy enforcement
  3. security and privacy
  4. sticky policies

Qualifiers

  • Demonstration

Conference

SACMAT '12
Sponsor:

Acceptance Rates

SACMAT '12 Paper Acceptance Rate 19 of 73 submissions, 26%;
Overall Acceptance Rate 177 of 597 submissions, 30%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)2
  • Downloads (Last 6 weeks)0
Reflects downloads up to 16 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2021)Reasons and Strategies for Privacy Features in Tracking and Tracing Systems—A Systematic Literature ReviewSensors10.3390/s2113450121:13(4501)Online publication date: 30-Jun-2021
  • (2019)Usage control architecture options for data sovereignty in business ecosystemsJournal of Enterprise Information Management10.1108/JEIM-03-2018-005832:3(477-495)Online publication date: 4-Jun-2019
  • (2019)Designing a multi-sided data platform: findings from the International Data Spaces caseElectronic Markets10.1007/s12525-019-00362-xOnline publication date: 28-Aug-2019
  • (2016)A Critical Analysis of Privacy Design Strategies2016 IEEE Security and Privacy Workshops (SPW)10.1109/SPW.2016.23(33-40)Online publication date: May-2016
  • (2016)Forget About Being ForgottenData Protection on the Move10.1007/978-94-017-7376-8_10(249-275)Online publication date: 2016
  • (2016)A Fully Decentralized Data Usage Control Enforcement InfrastructureApplied Cryptography and Network Security10.1007/978-3-319-28166-7_20(409-430)Online publication date: 9-Jan-2016
  • (2015)Automated Translation of End User Policies for Usage Control EnforcementData and Applications Security and Privacy XXIX10.1007/978-3-319-20810-7_18(250-258)Online publication date: 23-Jun-2015
  • (2014)Decentralized Distributed Data Usage ControlProceedings of the 13th International Conference on Cryptology and Network Security - Volume 881310.1007/978-3-319-12280-9_23(353-369)Online publication date: 22-Oct-2014
  • (2013)Data usage control enforcement in distributed systemsProceedings of the third ACM conference on Data and application security and privacy10.1145/2435349.2435358(71-82)Online publication date: 18-Feb-2013
  • (2013)An Integrated Formal Approach to Usage ControlProceedings of the 2013 IEEE Security and Privacy Workshops10.1109/SPW.2013.23(8-12)Online publication date: 23-May-2013
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media