A Trustworthy Usage Control Enforcement Framework

Author:

Neisse Ricardo1,Pretschner Alexander2,Di Giacomo Valentina3

Affiliation:

1. Information Systems Quality (ISQ), Fraunhofer IESE, Kaiserslautern, Germany

2. Department of Computer Science, TU München, Garching, Germany

3. Engineering Ingegneria Informatica, Rome, Italy

Abstract

Usage control policies specify restrictions on the handling of data after access has been granted. The authors present the design and implementation of a framework for enforcing usage control requirements and demonstrate its genericity by instantiating it to two different levels of abstraction, those of the operating system and an enterprise service bus. This framework consists of a policy language, an automatic conversion of policies into enforcement mechanisms, and technology implemented on the grounds of trusted computing technology that makes it possible to detect tampering with the infrastructure. The authors show how this framework can, among other things, be used to enforce separation-of-duty policies. The authors provide a performance analysis.

Publisher

IGI Global

Subject

Computer Networks and Communications

Reference25 articles.

1. Apache. (2011). The apache software foundation - ServiceMix. Retrieved from http://servicemix.apache.org

2. Dax, C., Klaedtke, F., & Lange, M. (2009). On regular temporal logics with past. In Proceedings of the 36th International Colloquium on Automata, Languages and Programming: Part ii (icalp). Berlin, Heidelberg, Germany: Springer-Verlag.

3. Finney, H. (2011). Privacy ca. Retrieved from http://www.privacyca.com

4. Garfinkel, T. (2003). Traps and pitfalls: Practical problems in system call interposition based security tools. In Proceedings of the Network and Distributed Systems Security Symposium.

5. Gheorghe, G., Neuhaus, S., & Crispo, B. (2010, Jun). xESB: An enterprise service bus for access and usage control policy enforcement. In the Proceedings of the Fourth International Conference on Trust Management (ifiptm10).

Cited by 4 articles. 订阅此论文施引文献 订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献

1. Concurrent History-based Usage Control Policies;Proceedings of the 5th International Conference on Model-Driven Engineering and Software Development;2017

2. Usage Control on Cloud systems;Future Generation Computer Systems;2016-10

3. SecKit: A Model-based Security Toolkit for the Internet of Things;Computers & Security;2015-10

4. Der Secure Data Container (SDC);Datenbank-Spektrum;2015-06-23

同舟云学术

1.学者识别学者识别

2.学术分析学术分析

3.人才评估人才评估

"同舟云学术"是以全球学者为主线,采集、加工和组织学术论文而形成的新型学术文献查询和分析系统,可以对全球学者进行文献检索和人才价值评估。用户可以通过关注某些学科领域的顶尖人物而持续追踪该领域的学科进展和研究前沿。经过近期的数据扩容,当前同舟云学术共收录了国内外主流学术期刊6万余种,收集的期刊论文及会议论文总量共计约1.5亿篇,并以每天添加12000余篇中外论文的速度递增。我们也可以为用户提供个性化、定制化的学者数据。欢迎来电咨询!咨询电话:010-8811{复制后删除}0370

www.globalauthorid.com

TOP

Copyright © 2019-2024 北京同舟云网络信息技术有限公司
京公网安备11010802033243号  京ICP备18003416号-3