Abstract
In this paper, a new Use-based usage CONtrol (UseCON) approach that supports recording of usages with the help of a new entity, named use, is presented. Uses provide information for the latest state (requested, active, denied, completed or terminated) of every usage and facilitate the fine-grained definition and proper association of attributes to various system entities. The proposed approach provides enhanced contextual information modeling, support of complicated access modes and an alternative approach in obligations modeling. Moreover, UseCON is characterized by high expressiveness and ability to define policy rules in almost natural language.
Chapter PDF
Similar content being viewed by others
Keywords
References
Grompanopoulos, C., Mavridis, I.: Towards differentiated utilization of attribute mutability for access control in ubiquitous computing. In: Panhellenic Conference on Informatics, pp. 118–123 (2010)
Katt, B., Zhang, X., Breu, R., Hafner, M., Seifert, J.P.: A general obligation model and continuity: enhanced policy enforcement engine for usage control. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, SACMAT 2008, pp. 123–132. ACM, New York (2008)
Park, J., Sandhu, R.: The ucon abc usage control model. ACM Transactions on Information and System Security 7, 128–174 (2004)
Thomas, R.K., Sandhu, R.: Models, protocols, and architectures for secure pervasive computing: Challenges and research directions. In: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, PERCOMW 2004, pp. 164–170. IEEE Computer Society, Washington, DC (2004)
Zhang, X., Parisi-Presicce, F., Sandhu, R., Park, J.: Formal model and policy specification of usage control. ACM Transactions on Information and System Security 8(4), 351–387 (2005)
Zhang, X., Sandhu, R., Parisi-Presicce, F.: Safety analysis of usage control authorization models. In: Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2006, pp. 243–254. ACM, New York (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Grompanopoulos, C., Mavridis, I. (2012). Towards Use-Based Usage Control. In: Gritzalis, D., Furnell, S., Theoharidou, M. (eds) Information Security and Privacy Research. SEC 2012. IFIP Advances in Information and Communication Technology, vol 376. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30436-1_53
Download citation
DOI: https://doi.org/10.1007/978-3-642-30436-1_53
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-30435-4
Online ISBN: 978-3-642-30436-1
eBook Packages: Computer ScienceComputer Science (R0)