short-paper

Mechanisms for usage control

Authors:

T. WalterAuthors Info & Claims

ASIACCS '08: Proceedings of the 2008 ACM symposium on Information, computer and communications security

Pages 240 - 244

https://doi.org/10.1145/1368310.1368344

Published: 18 March 2008 Publication History

Get Access

Abstract

Usage control is a generalization of access control that also addresses how data is used after it is released. We present a formal model for different mechanisms that can enforce usage control policies on the consumer side.

References

[1]

M. Hilty, A. Pretschner, D. Basin, C. Schaefer, and T. Walter. A Policy Language for Usage Control. In Proc. ESORICS, pages 531--546, 2007.

Digital Library

Google Scholar

[2]

M. Hilty, A. Pretschner, C. Schaefer, and T. Walter. Enforcement for Usage Control: A System Model and a Policy Language for Distributed Usage Control. Technical Report I-ST-20, DoCoMo Euro-Labs, 2006.

Google Scholar

[3]

J. Ligatti, L. Bauer, and D. Walker. Edit Automata: Enforcement Mechanisms for Run-time Security Policies. Intl. J. of Inf. Security, 4(1--2):2--16, 2 2005.

Google Scholar

[4]

J. Park and R. Sandhu. The UCON ABC Usage Control Model. ACM Transactions on Information and Systems Security, 7:128--174, 2004.

Digital Library

Google Scholar

[5]

X. Zhang, J. Park, F. Parisi-Presicce, and R. Sandhu. A logical specification for usage control. In Proc. SACMAT, pages 1--10, 2004.

Digital Library

Google Scholar

Cited By

View all

Zrenner JMöller FJung CEitel AOtto B(2019)Usage control architecture options for data sovereignty in business ecosystemsJournal of Enterprise Information Management10.1108/JEIM-03-2018-005832:3(477-495)Online publication date: 4-Jun-2019
https://doi.org/10.1108/JEIM-03-2018-0058
Kelbert FPretschner A(2018)Data Usage Control for Distributed SystemsACM Transactions on Privacy and Security10.1145/318334221:3(1-32)Online publication date: 16-Apr-2018
https://dl.acm.org/doi/10.1145/3183342
Basin DDebois SHildebrandt T(2018)On Purpose and by Necessity: Compliance Under the GDPRFinancial Cryptography and Data Security10.1007/978-3-662-58387-6_2(20-37)Online publication date: 7-Dec-2018
https://doi.org/10.1007/978-3-662-58387-6_2
Show More Cited By

Index Terms

Mechanisms for usage control

Recommendations

The UCON_ABC usage control model

In this paper, we introduce the family of UCON_ABC models for usage control (UCON), which integrate Authorizations (A), oBligations (B), and Conditions (C). We call these core models because they address the essence of UCON, leaving administration, ...
Towards a times-based usage control model
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security

Modern information systems require temporal and privilege-consuming usage of digital objects. To meet these requirements, we present a new access control model-Times-based Usage Control (TUCON). TUCON extends traditional and temporal access control ...
Adapting usage control as a deterrent to address the inadequacies of access controls

Access controls are difficult to implement and evidently deficient under certain conditions. Traditional controls offer no protection for unclassified information, such as a telephone list of employees that is unrestricted, yet available only to members ...

Comments

Information & Contributors

Information

Published In

ASIACCS '08: Proceedings of the 2008 ACM symposium on Information, computer and communications security

March 2008

399 pages

ISBN:9781595939791

DOI:10.1145/1368310

Program Chairs:
Masayuki Abe
NTT, Japan
,
Virgil Gligor
University of Maryland

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 18 March 2008

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Short-paper

Conference

Asia CCS '08

Sponsor:

SIGSAC

Asia CCS '08: Asia CCS'08 ACM Symposium on Information, Computer and Communications Security

March 18 - 20, 2008

Tokyo, Japan

Acceptance Rates

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

42
Total Citations
View Citations
552
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)2

Reflects downloads up to 05 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Zrenner JMöller FJung CEitel AOtto B(2019)Usage control architecture options for data sovereignty in business ecosystemsJournal of Enterprise Information Management10.1108/JEIM-03-2018-005832:3(477-495)Online publication date: 4-Jun-2019
https://doi.org/10.1108/JEIM-03-2018-0058
Kelbert FPretschner A(2018)Data Usage Control for Distributed SystemsACM Transactions on Privacy and Security10.1145/318334221:3(1-32)Online publication date: 16-Apr-2018
https://dl.acm.org/doi/10.1145/3183342
Basin DDebois SHildebrandt T(2018)On Purpose and by Necessity: Compliance Under the GDPRFinancial Cryptography and Data Security10.1007/978-3-662-58387-6_2(20-37)Online publication date: 7-Dec-2018
https://doi.org/10.1007/978-3-662-58387-6_2
Vasiliadis CGeorgiadis CZdravkova KEleftherakis GKefalas P(2017)A Survey on Access Control Mechanisms in E-commerce EnvironmentsProceedings of the 8th Balkan Conference in Informatics10.1145/3136273.3136288(1-6)Online publication date: 20-Sep-2017
https://dl.acm.org/doi/10.1145/3136273.3136288
Karafili ELupu EBertino ESandhu RWeippl E(2017)Enabling Data Sharing in Contextual EnvironmentsProceedings of the 22nd ACM on Symposium on Access Control Models and Technologies10.1145/3078861.3078876(231-238)Online publication date: 7-Jun-2017
https://dl.acm.org/doi/10.1145/3078861.3078876
Spanoudakis NConstantinou EKoumi AKakas A(2017)Modeling Data Access Legislation with GorgiasAdvances in Artificial Intelligence: From Theory to Practice10.1007/978-3-319-60045-1_34(317-327)Online publication date: 3-Jun-2017
https://doi.org/10.1007/978-3-319-60045-1_34
Schneider G(2016)On the Specification and Enforcement of Privacy-Preserving Contractual AgreementsLeveraging Applications of Formal Methods, Verification and Validation: Discussion, Dissemination, Applications10.1007/978-3-319-47169-3_34(413-419)Online publication date: 5-Oct-2016
https://doi.org/10.1007/978-3-319-47169-3_34
Dolzhenko ELigatti JReddy S(2015)Modeling runtime enforcement with mandatory results automataInternational Journal of Information Security10.1007/s10207-014-0239-814:1(47-60)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.1007/s10207-014-0239-8
Karwe MMüller G(2015)DPIP: A Demand Response Privacy Preserving Interaction ProtocolBusiness Information Systems Workshops10.1007/978-3-319-26762-3_20(224-234)Online publication date: 2-Dec-2015
https://doi.org/10.1007/978-3-319-26762-3_20
Kumari PPretschner A(2015)Automated Translation of End User Policies for Usage Control EnforcementData and Applications Security and Privacy XXIX10.1007/978-3-319-20810-7_18(250-258)Online publication date: 23-Jun-2015
https://doi.org/10.1007/978-3-319-20810-7_18
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

The UCON_ABC usage control model

Towards a times-based usage control model

Adapting usage control as a deterrent to address the inadequacies of access controls

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Index Terms

Recommendations

The UCONABC usage control model

Towards a times-based usage control model

Adapting usage control as a deterrent to address the inadequacies of access controls

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations

The UCON_ABC usage control model