ABSTRACT
Usage control is concerned with how data is used after access to it has been granted. As such, it is particularly relevant to end users who own the data. System implementations of access and usage control enforcement mechanisms, however, do not always adequately reflect end user requirements. There are several reasons for this; one is the problem of mapping concepts in the end user's domain to technical events and artifacts. For instance, the semantics of basic operators such as "copy" or "delete", which are fundamental for specifying privacy policies, vary according to context, so the same operator can be mapped to different sets of system events. The behaviour users expect from the system may therefore differ from its actual behaviour. In this paper we present a translation of specification-level usage control policies into implementation-level policies which takes into account the precise semantics of domain-specific abstractions. A tool for automating the translation has also been implemented.
Index Terms
- Deriving implementation-level policies for usage control enforcement