论文信息 - Architecture, Workflows, and Prototype for Stateful Data Usage Control in Cloud

Architecture, Workflows, and Prototype for Stateful Data Usage Control in Cloud

This paper deals with the problem of continuous usage control of multiple copies of data objects in distributed systems. This work defines an architecture, a set of workflows, a set of policies and an implementation for the distributed enforcement. The policies, besides including access and usage rules, also specify the parties that will be involved in the decision process. Indeed, the enforcement requires collaboration of several entities because the access decision might be evaluated on one site, enforced on another, and the attributes needed for the policy evaluation might be stored in many distributed locations.

[1] Alexander Pretschner,et al. Distributed usage control , 2006, CACM.

[2] Fabio Martinelli,et al. Usage Control on Cloud systems , 2016, Future Gener. Comput. Syst..

[3] Gregory Neven,et al. Downstream Usage Control , 2010, POLICY.

[4] Leon Gommans,et al. AAA Authorization Framework , 2000, RFC.

[5] Jaehong Park,et al. Formal model and policy specification of usage control , 2005, TSEC.

[6] Tal Garfinkel,et al. Terra: a virtual machine-based platform for trusted computing , 2003, SOSP '03.

[7] Fabio Martinelli,et al. A Prototype for Enforcing Usage Control Policies Based on XACML , 2012, TrustBus.

[8] Alexander Pretschner,et al. Data usage control enforcement in distributed systems , 2013, CODASPY.

[9] Fabio Martinelli,et al. Usage control in computer security: A survey , 2010, Comput. Sci. Rev..

[10] Jaehong Park,et al. A provenance-based access control model , 2012, 2012 Tenth Annual International Conference on Privacy, Security and Trust.

[11] David W. Chadwick,et al. Providing secure coordinated access to grid services , 2006, MCG '06.

[12] Jaehong Park,et al. Towards usage control models: beyond traditional access control , 2002, SACMAT '02.

[13] Fabio Martinelli,et al. A Proposal on Enhancing XACML with Continuous Usage Control Features , 2009, CoreGRID@Euro-Par.

[14] Patrick Valduriez,et al. Principles of Distributed Database Systems , 1990 .