2014 | OriginalPaper | Buchkapitel
Obligation Based Access Control
verfasst von : Laurent Gomez, Slim Trabelsi
Erschienen in: On the Move to Meaningful Internet Systems: OTM 2014 Workshops
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Access control systems can be categorized in two classes: stateless or stateful. While stateless access control systems consider only current state of the system for access decision, stateful access control integrates past and current state of the system. The state of the system can change depending on the way how resources were used. We also observe that stateful access control systems strongly rely on centralised state monitoring infrastructure. In the context of distributed systems, state monitoring is very difficult to achieve, both for security and technical reasons. In this paper, we propose to use obligation execution proof to evaluate current distributed system state. Data usage conditions are defined as obligations expressing the actions that must be executed before or after granted access. In this paper, we aim at fostering distributed access control enforcement relying on certified obligations.