Representation-Independent Data Usage Control

Pretschner, Alexander; Lovat, Enrico; Büchler, Matthias

doi:10.1007/978-3-642-28879-1_9

Cited by 26 publications

(49 citation statements)

References 35 publications

(108 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Together, step 4 and 5 are called policy instantiation and they might be switched in order, depending upon the context detail to be added and the corresponding system implementation. Generic Architecture: We build upon an existing generic usage control infrastructure with three main components: a Policy Enforcement Point (PEP), able to observe, intercept, possibly modify and generate events in the system; a Policy Decision Point (PDP), representing the core of the usage control monitoring logic; and a Policy Information Point (PIP), which provides the data-container mapping to the PDP [5]. This infrastructure was extended with a Policy Management Point (PMP) with a dedicated sub-component, the Policy Translation Point (PTP) for policy derivation using action refinement.…”

Section: The Generic Approach To Policy Derivationmentioning

confidence: 99%

“…In usage control, several enforcements exist at and across different layers of abstraction in various types of systems [2,3,5,[16][17][18]. In all these implementations, the focus has been on the implementation of event monitors; policy derivation has not been addressed.…”

Section: Related Work and Relevancementioning

confidence: 99%

“…Policies on data usually need to be interpreted as policies on all representations of that data. We therefore rely on a data flow model [5] that defines system states as mappings between data and containers at a moment in time. The transition relation on states is the change in these mappings.…”

Section: Introductionmentioning

confidence: 99%

“…The transition relation on states is the change in these mappings. Policy enforcement on data is done on the basis of data flow tracking which is monitored on grounds of the transition relation [5].…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Automated Translation of End User Policies for Usage Control Enforcement

Kumari

Pretschner

2015

Data and Applications Security and Privacy XXIX

Self Cite

View full text Add to dashboard Cite

Abstract. In existing implementations of usage control, policies have been specified at the implementation level by intelligent users who understand the technical details of the systems in place. However, end users who want to protect their data are not always technical experts. So they would like to specify policies in abstract terms which could somehow be translated in a format that technical systems understand. This paper describes a generic and automated policy derivation where end users can specify their usage control requirements in structured natural language sentences, from which system-understandable technical policies are derived and deployed without further human intervention.

show abstract

Section: The Generic Approach To Policy Derivationmentioning

confidence: 99%

Section: Related Work and Relevancementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Automated Translation of End User Policies for Usage Control Enforcement

Kumari

Pretschner

2015

Data and Applications Security and Privacy XXIX

Self Cite

View full text Add to dashboard Cite

show abstract

“…Our solution works as follows: Data usage control technology [7,12,18,19] is integrated into the Software Execution Environment (SEE) (e.g., Java Runtime Environment (RTE), .NET CLR, PHP interpreter) which is then supposed to be provided in a Platform-as-a-Service (PaaS) manner by trustworthy entities. Such trustworthy entities might include the OSN operator herself, public universities, or consumer protection organizations (cf.…”

mentioning

confidence: 99%

Compliance Monitoring of Third-Party Applications in Online Social Networks

Kelbert

Fromm

2016

2016 IEEE Security and Privacy Workshops (SPW)

View full text Add to dashboard Cite

Abstract-With the widespread adoption of Online Social Networks (OSNs), users increasingly also use corresponding thirdparty applications (TPAs), such as social games and applications for collaboration. To improve their social experience, TPAs access users' personal data via an API provided by the OSN. Applications are then expected to comply with certain security and privacy policies when handling the users' data. However, in practice, they might store, use, and distribute that data in all kinds of unapproved ways. We present an approach that transparently enforces security and privacy policies on TPAs that integrate with OSNs. To this end, we integrate concepts and implementations from the research areas of data usage control and information flow control. We instantiate these results in the context of TPAs in OSNs in order to enforce compliance with security and privacy policies that are provided by the OSN operator. We perform a preliminary evaluation of our approach on the basis of a TPA that integrates with the Facebook API.

show abstract

Decentralized Distributed Data Usage Control

Kelbert

Pretschner

2014

Cryptology and Network Security

View full text Add to dashboard Cite

Representation-Independent Data Usage Control

Cited by 26 publications

References 35 publications

Automated Translation of End User Policies for Usage Control Enforcement

Automated Translation of End User Policies for Usage Control Enforcement

Compliance Monitoring of Third-Party Applications in Online Social Networks

Decentralized Distributed Data Usage Control

Contact Info

Product

Resources

About