Affiliation:
1. China Ship Development and Design Center
Abstract
The term usage control (UCON)[1] is a generalization of access control to cover obligations, conditions, continuity (ongoing controls) and mutability. Traditionally, access control has dealt only with authorization decisions on a subject's access to target resources, and as a consequence of access have not been systematically studied. In this paper we motivate the need for usage control, study a family of ABC models as a core model for usage control and show how it encompasses traditional access control, such as mandatory, discretionary and role-based access control,. In addition, we also discuss architectures that introduce a new reference monitor for usage control and some variations.
Publisher
Trans Tech Publications, Ltd.
Reference12 articles.
1. Park J, Sandhu R. The UCON usage control model[J]. ACM Transaction on Information and System Security, 2004, 7(1): 128-174.
2. D. Bell and L. LaPadula. Secure computer systems: Mathematical foundations and model[M]. MITRE Report, 1973, 2(2547).
3. John S. Erickson. Fair use, drm, and trusted computing[J]. Communications of the ACM, 46(4): 34-39, (2003).
4. M.H. Harrison, W.L. Ruzzo, and J.D. Ullman. Protection in operating systems[J]. Communications of the ACM, 1976, 19(8): 461-471.
5. Security frameworks for open systems: Access control framework[M]. Technical Report ISO/IEC 10181-3, ISO, (1996).