A general obligation model and continuity-enhanced policy enforcement engine for usage control

The usage control model (UCON) has been proposed to augment traditional access control models by integrating authorizations, obligations, and conditions and by providing the properties of decision continuity and attribute mutability. Several recent works have applied UCON to support security requirements in different computing environments, such as resource sharing in collaborative computing systems and data control on remote platforms. In this paper we identify two individual but interrelated problems in the original UCON model and recent implementations: the model oversimplifies the concept of a usage session, and the implementations lack a comprehensive ongoing enforcement mechanism. We extend the core UCON model with continuous usage sessions, thereby extensively augmenting the expressiveness of obligations in UCON, and then propose a general, continuity-enhanced and configurable usage control enforcement engine. Finally, we explain how our approach can satisfy flexible security requirements with an implemented prototype for a healthcare information system.
