Ulrich Schöpp
ABSTRACT
Modern system architectures require sophisticated access and usage control mechanisms. The need stems from demanding requirements for security, data sovereignty and privacy regulations, as well as the challenges presented by architectural approaches like zero trust networking. Usage control systems provide one approach to encapsulate and manage the complexities related to access and usage control. In order to trust a usage control system, it is essential to ensure that usage control policies express the intended properties and are enforced correctly. To achieve this, we need a precise specification of the intended behavior of a usage control system. For attribute-based access control, the XACML standard is a sufficient specification of the behavior of policies. Usage control models, such as UCON, extend access control with features for continuous authorization based on mutability of attribute values. This adds significant complexity to the problem of specifying the intended behavior. In this paper, we identify challenges with specifying a practical usage control system regarding continuous control, obligations, and concurrency aspects. We describe an approach to specifying the UCON+ model of Dimitrakos et al. and outline an implementation of the specification with Answer Set Programming.
- Dhouha Ayed, Marie-Noelle Lepareux, and Cyrille Martins. 2015. Analysis of XACML policies with ASP. In 2015 7th International Conference on New Technologies, Mobility and Security (NTMS). IEEE, 1--5.Google Scholar
Cross Ref
- John Backes, Pauline Bolignano, Byron Cook, Catherine Dodge, Andrew Gacek, Kasper Luckow, Neha Rungta, Oksana Tkachuk, and Carsten Varming. 2018. Semantic-based Automated Reasoning for AWS Access Policies using SMT. In 2018 Formal Methods in Computer Aided Design (FMCAD). IEEE, 1--9.Google Scholar
- Gabriele Baldi, Yair Diaz, Theo Dimitrakos, Fabio Martinelli, Christina Michailidou, Paolo Mori, Oleksii Osliak, and Andrea Saracino. 2020. Session-dependent Usage Control for Big Data. Journal of Internet Services and Information Security, Vol. 10, 3 (Aug. 2020), 76--92.Google Scholar
- Enrico Carniani, Davide D'Arenzo, Aliaksandr Lazouski, Fabio Martinelli, and Paolo Mori. 2016. Usage Control on Cloud systems. Future Generation Computer Systems, Vol. 63 (Oct. 2016), 37--55.Google ScholarDigital Library
- Haining Chen. 2017. Improving the Policy Specification for Practical Access Control Systems. Ph.,D. Dissertation. Purdue University.Google Scholar
- Maurizio Colombo, Aliaksandr Lazouski, Fabio Martinelli, and Paolo Mori. 2010. A Proposal on Enhancing XACML with Continuous Usage Control Features. In Grids, P2P and Services Computing. Springer, 133--146.Google Scholar
- Yuri Demchenko, Oscar Koeroo, Cees de Laat, and Hakon Sagehaug. 2008. Extending XACML Authorisation Model to Support Policy Obligations Handling in Distributed Application. In Middleware for Grid Computing (MGC '08). ACM, New York, NY, USA, 1--6.Google ScholarDigital Library
- Theo Dimitrakos, Tezcan Dilshener, Alexander Kravtsov, Antonio La Marra, Fabio Martinelli, Athanasios Rizos, Alessandro Rosetti, and Andrea Saracino. 2020. Trust Aware Continuous Authorization for Zero Trust in Consumer Internet of Things. In Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE, 1801--1812.Google Scholar
- Donia El Kateb, Yehia ElRakaiby, Tejeddine Mouelhi, Iram Rubab, and Yves Le Traon. 2015. Towards a Full Support of Obligations in XACML. In Risks and Security of Internet and Systems. LNCS, Vol. 8924. Springer, 213--221.Google Scholar
- Danielle Ferguson, Yan Albright, Daniel Lomsak, Tyler Hanks, Kevin Orr, and Jay Ligatti. 2020. PoCo: A Language for Specifying Obligation-Based Policy Compositions. In Proceedings of the 2020 9th International Conference on Software and Computer Applications. ACM, 331--338.Google ScholarDigital Library
- Ali Hariri, Amjad Ibrahim, Bithin Alangot, Subhajit Bandopadhyay, Antonio La Marra, Alessandro Rosetti, Hussein Joumaa, and Theo Dimitrakos. 2023. UCON: Comprehensive Model, Architecture and Implementation for Usage Control and Continuous Authorization. In Collaborative Approaches for Cyber Security in Cyber-Physical Systems. Springer, 209--226.Google Scholar
- Ali Hariri, Amjad Ibrahim, Theo Dimitrakos, and Bruno Crispo. 2022. WiP: Metamodel for Continuous Authorisation and Usage Control. In Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies. ACM, New York, NY, USA, 43--48.Google ScholarDigital Library
- Graham Hughes and Tevfik Bultan. 2008. Automated verification of access control policies using a SAT solver. International Journal on Software Tools for Technology Transfer, Vol. 10, 6 (Dec. 2008), 503--520.Google ScholarCross Ref
- Amjad Ibrahim and Theo Dimitrakos. 2023. Towards Collaborative Security Approaches Based on the European Digital Sovereignty Ecosystem. In Collaborative Approaches for Cyber Security in Cyber-Physical Systems. Springer, 123--144.Google Scholar
- Carroline Dewi Puspa Kencana Ramli, Hanne Riis Nielson, and Flemming Nielson. 2013. XACML 3.0 in Answer Set Programming. In Logic-Based Program Synthesis and Transformation,, Elvira Albert (Ed.). Springer, 89--105.Google Scholar
- Vladimir Kolovski. 2008. A Logic-Based Framework for Web Access Control Policies. PhD Thesis. University of Maryland.Google Scholar
- Aliaksandr Lazouski, Fabio Martinelli, and Paolo Mori. 2012. A Prototype for Enforcing Usage Control Policies Based on XACML. In Trust, Privacy and Security in Digital Business. LNCS, Vol. 7449. Springer, 79--92.Google Scholar
- Joohyung Lee, Yi Wang, and Yu Zhang. 2015. Automated Reasoning about XACML 3.0 Delegation Using Answer Set Programming. In Conference on Logic Programming, Technical Communications (ICLP 2015) (CEUR Workshop Proceedings, Vol. 1433). CEUR-WS.org, Aachen, 13.Google Scholar
- Ninghui Li, Haining Chen, and Elisa Bertino. 2012. On practical specification and enforcement of obligations. In Proceedings of Data and Application Security and Privacy - CODASKY '12. ACM Press, 71.Google ScholarDigital Library
- Vladimir Lifschitz. 2019. Answer Set Programming. Springer.Google Scholar
- Xie Lili and Zhai Zhigang. 2019. Formal Specification of Concurrent Enforcement UCON Model with CTL Logic. In Artificial Intelligence and Security. LNCS, Vol. 11633. Springer, 627--641.Google Scholar
- Johannes Lohmö ller, Jan Pennekamp, Roman Matzutt, and Klaus Wehrle. 2022. On the need for strong sovereignty in data ecosystems. In Proceedings of the First International Workshop on Data Ecosystems co-located with 48th International Conference on Very Large Databases (VLDB 2022), Sydney, Australia, September 5, 2022 (CEUR Workshop Proceedings, Vol. 3306), Cinzia Cappiello, Sandra Geisler, and Maria-Esther Vidal (Eds.). CEUR-WS.org, Aachen, 51--63.Google Scholar
- Fabio Martinelli, Paolo Mori, Andrea Saracino, and Francesco Di Cerbo. 2019. Obligation Management in Usage Control Systems. In Parallel, Distributed and Network-Based Processing (PDP). IEEE, 356--364.Google Scholar
- OASIS. 2014. XACML v3.0 Administration and Delegation Profile V.1.0.Google Scholar
- OASIS. 2015. Abbreviated Language for Authorization V.1.0 WD 01.Google Scholar
- OASIS. 2017. eXtensible Access Control Markup Language (XACML) V.3.0 Err.01.Google Scholar
- Jaehong Park and Ravi Sandhu. 2004. The UCON $_textrmABC $ usage control model. ACM Transactions on Information and System Security, Vol. 7, 1 (Feb. 2004), 128--174.Google ScholarDigital Library
- Julia Pohle. 2020. Digital sovereignty. A new key concept of digital policy in Germany and Europe. Technical Report. Konrad-Adenauer-Stiftung, Berlin.Google Scholar
- Carroline Dewi Puspa Kencana Ramli, Hanne Riis Nielson, and Flemming Nielson. 2014. The logic of XACML. Science of Computer Programming, Vol. 83 (2014), 80--105. Formal Aspects of Component Software (FACS 2011 selected & extended papers).Google ScholarDigital Library
- Mohsen Rezvani, David Rajaratnam, Aleksandar Ignjatovic, Maurice Pagnucco, and Sanjay Jha. 2018. Analyzing XACML policies using answer set programming. International Journal of Information Security, Vol. 18, 4 (2018), 465--479.Google ScholarDigital Library
- Andreas Schaad and Jonathan D. Moffett. 2002. A Lightweight Approach to Specification and Analysis of Role-Based Access Control Extensions. In Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies (Monterey, California, USA) (SACMAT '02). ACM, New York, NY, USA, 13--22.Google Scholar
- Julian Schuette and Gerd Stefan Brost. 2018. LUCON: Data Flow Control for Message-Based IoT Systems. In Trust, Security And Privacy In Computing And Communications / Big Data Science And Engineering (TrustCom/BigDataSE). IEEE, New York, NY, USA, 289--299.Google Scholar
- Nan Zhang, Mark Ryan, and Dimitar P. Guelev. 2005 b. Evaluating Access Control Policies Through Model Checking. In Information Security. LNCS, Vol. 3650. Springer, 446--460.Google Scholar
- Xinwen Zhang, Francesco Parisi-Presicce, Ravi Sandhu, and Jaehong Park. 2005 a. Formal model and policy specification of usage control. ACM Transactions on Information and System Security, Vol. 8, 4 (Nov. 2005), 351--387.Google ScholarDigital Library
Index Terms
- Specifying a Usage Control System
Recommendations
The UCONABC usage control model
In this paper, we introduce the family of UCONABC models for usage control (UCON), which integrate Authorizations (A), oBligations (B), and Conditions (C). We call these core models because they address the essence of UCON, leaving administration, ...
Towards a times-based usage control model
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications securityModern information systems require temporal and privilege-consuming usage of digital objects. To meet these requirements, we present a new access control model-Times-based Usage Control (TUCON). TUCON extends traditional and temporal access control ...
Deriving implementation-level policies for usage control enforcement
CODASPY '12: Proceedings of the second ACM conference on Data and Application Security and PrivacyUsage control is concerned with how data is used after access to it has been granted. As such, it is particularly relevant to end users who own the data. System implementations of access and usage control enforcement mechanisms, however, do not always ...
Comments