
Data Usage Control for Distributed Systems

Published: 16 April 2018

Abstract

Data usage control enables data owners to enforce policies over how their data may be used after they have been released and accessed. We address distributed aspects of this problem, which arise if the protected data reside within multiple systems. We contribute by formalizing, implementing, and evaluating a fully decentralized system that (i) generically and transparently tracks protected data across systems, (ii) propagates data usage policies along, and (iii) efficiently and preventively enforces policies in a decentralized manner. The evaluation shows that (i) dataflow tracking and policy propagation achieve a throughput of 21--54% of native execution and (ii) decentralized policy enforcement outperforms a centralized approach in many situations.
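The abstract names three moving parts: per-system dataflow tracking, propagation of the usage policy together with the data when it crosses a system boundary, and preventive enforcement that each system performs locally without consulting a central authority. The Python sketch below is an added illustration of how those parts fit together; it is not the paper's implementation and is deliberately simplified (real tracking hooks system calls or application events, policies are far richer than a set of forbidden actions, and nothing here is tamper-resistant). The `Monitor`, `Policy` and container names are assumptions made for the example.

```python
"""Toy model of decentralized data usage control (added illustration, not the
paper's code).  Each system runs its own Monitor: a dataflow tracker mapping
containers (files, sockets, processes) to the protected data they may hold,
a local policy store, and a decision point that checks every usage event
before it takes effect.  Sending data to another system ships the data labels
and their policies along, so the receiver can decide locally afterwards.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Policy:
    """Usage policy attached to one protected data item (hypothetical shape)."""
    data_id: str
    forbidden: frozenset  # usage actions never allowed on this data


class Denied(Exception):
    """Raised when the local monitor preventively blocks an action."""


class Monitor:
    """Per-system usage-control monitor: dataflow tracker + policy store + PDP."""

    def __init__(self, name):
        self.name = name
        self.contents = {}   # container -> set of data ids it (may) contain
        self.policies = {}   # data id -> Policy, only for data present here

    def label(self, container, data_id, policy):
        """Register a freshly created protected data item in a container."""
        self.contents.setdefault(container, set()).add(data_id)
        self.policies[data_id] = policy

    def data_in(self, container):
        return self.contents.get(container, set())

    def check(self, action, container):
        """Preventive enforcement: consult local policies before the action runs."""
        for data_id in self.data_in(container):
            pol = self.policies.get(data_id)
            if pol is not None and action in pol.forbidden:
                raise Denied(f"{self.name}: '{action}' on {container} "
                             f"forbidden by policy for {data_id}")

    def usage(self, action, src, dst=None):
        """A local usage event; if allowed, labels flow from src to dst."""
        self.check(action, src)
        if dst is not None:  # copy/write style actions create a flow src -> dst
            self.contents.setdefault(dst, set()).update(self.data_in(src))
            return sorted(self.data_in(dst))
        return sorted(self.data_in(src))

    def send(self, container, remote, remote_container):
        """Cross-system flow: ship data labels and their policies to the peer."""
        self.check("send", container)
        data_ids = set(self.data_in(container))
        policies = {d: self.policies[d] for d in data_ids if d in self.policies}
        remote.receive(remote_container, data_ids, policies)
        return sorted(data_ids)

    def receive(self, container, data_ids, policies):
        self.contents.setdefault(container, set()).update(data_ids)
        self.policies.update(policies)  # later decisions are made locally on B


def scenario():
    """Constructed run: two systems, one protected document, policy 'never print'."""
    a, b = Monitor("A"), Monitor("B")
    a.label("/a/secret.doc", "doc42", Policy("doc42", frozenset({"print"})))
    a.usage("copy", "/a/secret.doc", "/a/tmp/out.doc")   # label follows the copy
    a.send("/a/tmp/out.doc", b, "/b/inbox/out.doc")      # policy travels with data
    outcome = {"b_has_policy": "doc42" in b.policies}
    outcome["b_read"] = b.usage("read", "/b/inbox/out.doc")
    try:
        b.usage("print", "/b/inbox/out.doc")
        outcome["b_print"] = "allowed"
    except Denied:
        outcome["b_print"] = "denied"
    # A container with no protected data is unaffected by the policy.
    outcome["b_unlabelled_print"] = b.usage("print", "/b/notes.txt")
    return outcome
```

The point of the run in `scenario()` is the last three lines: system B has never talked to a central policy server, yet it can read the received copy, must refuse to print it, and may freely print an unrelated file, because the label and the policy arrived together with the data. Over-approximation is the price of this design: any container the tracker cannot distinguish from a labelled one inherits the label and the restrictions.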



Published in

ACM Transactions on Privacy and Security, Volume 21, Issue 3
August 2018
157 pages
ISSN: 2471-2566
EISSN: 2471-2574
DOI: 10.1145/3208360

Copyright © 2018 ACM

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

• Published: 16 April 2018
• Accepted: 1 January 2018
• Revised: 1 October 2017
• Received: 1 April 2016

Qualifiers

• research-article
• Research
• Refereed
