Policy Evolution in Distributed Usage Control

Usage control is a generalization of access control that also addresses how data is handled after it is released. Controlling the future usage of data includes controlling the future distribution of data. The evolution of policies upon re-distribution must hence be defined. Intuitively, clients should only strengthen policies associated with a data item when they re-distribute it. We provide a role-based re-distribution model for usage control that encompasses strengthening both rights and duties. By introducing orderings for events and parameter values, we show how both rights and duties can be strengthened with the traditional abstraction of trace inclusion.
