Model-Based Policy Derivation for Usage Control

Usage control concerns how data is used after access has been granted. Existing work on usage control enforcement assumes that policies already exist at the implementation level; how they are derived from specification-level policies has not been investigated. The expected behavior of a usage-controlled system may therefore differ from its actual behavior. This research fills that gap with a policy derivation framework that uses a model-based refinement of domain-specific abstractions, namely data and actions, into technical constructs, viz. the events and states of systems.
