The UCONABC usage control model

J Park, R Sandhu - ACM transactions on information and system security …, 2004 - dl.acm.org
ACM transactions on information and system security (TISSEC), 2004dl.acm.org
In this paper, we introduce the family of UCONABC models for usage control (UCON), which
integrate Authorizations (A), oBligations (B), and Conditions (C). We call these core models
because they address the essence of UCON, leaving administration, delegation, and other
important but second-order issues for later work. The term usage control is a generalization
of access control to cover authorizations, obligations, conditions, continuity (ongoing
controls), and mutability. Traditionally, access control has dealt only with authorization …
In this paper, we introduce the family of UCONABC models for usage control (UCON), which integrate Authorizations (A), oBligations (B), and Conditions (C). We call these core models because they address the essence of UCON, leaving administration, delegation, and other important but second-order issues for later work. The term usage control is a generalization of access control to cover authorizations, obligations, conditions, continuity (ongoing controls), and mutability. Traditionally, access control has dealt only with authorization decisions on users' access to target resources. Obligations are requirements that have to be fulfilled by obligation subjects for allowing access. Conditions are subject and object independent environmental or system requirements that have to be satisfied for access. In today's highly dynamic, distributed environment, obligations and conditions are also crucial decision factors for richer and finer controls on usage of digital resources. Although they have been discussed occasionally in recent literature, most authors have been motivated from specific target problems and thereby limited in their approaches. The UCONABC model integrates these diverse concepts in a unified framework. Traditional authorization decisions are generally made at the time of requests but hardly recognize ongoing controls for relatively long-lived access or for immediate revocation. Moreover, mutability issues that deal with updates on related subject or object attributes as a consequence of access have not been systematically studied.Unlike other studies that have targeted on specific problems or issues, the UCONABC model seeks to enrich and refine the access control discipline in its definition and scope. UCONABC covers traditional access controls such as mandatory, discretionary, and role-based access control. Digital rights management and other modern access controls are also covered. UCONABC lays the foundation for next generation access controls that are required for today's real-world information and systems security. This paper articulates the core of this new area of UCON and develops several detailed models.
ACM Digital Library