Usage control in computer security: A survey

Lazouski, Aliaksandr; Martinelli, Fabio; Mori, Paolo

doi:10.1016/j.cosrev.2010.02.002

Cited by 120 publications

(98 citation statements)

References 66 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The subject playing a certain role is allowed to execute all privileges for which this role is authorized which in return simplify the security administration. If a user fulfils a new or an additional function it can be allocated to new roles and the subject gets new access permissions [27]. However, RBAC is the most expressive and generalized approach for it simulates the other approaches.…”

Section: Usage Controlmentioning

confidence: 99%

“…However, decisions during runtime are not addressed by traditional approaches. Thus, we can state that access control in its traditional meaning does not cover challenges ``in open, distributed, heterogeneous and network-connected computer environment[s]'' [27]. In both IoS and in e-commerce environments, choosing credible services is a major challenge at runtime (preventing access control from being implemented properly).…”

Section: Usage Controlmentioning

confidence: 99%

“…Access rights of the subject are defined by its position in relation to the object [45]. Although subjects are permitted to access objects at any level below their own level, the strict notation of the Bell-LaPadula [5] restrictions results in too rigid constraints especially in dynamic and heterogeneous systems [27].…”

Section: Usage Controlmentioning

confidence: 99%

“…As a Torsten Eymann, Christoph Meinel result of this limitation, if a malicious or incompetent subject obtains the ownership of an object, nothing can stop the subject when destroying all discretionary protections. DAC policies do not enforce any control on the information flow [27].…”

Section: Usage Controlmentioning

confidence: 99%

See 3 more Smart Citations

Enabling Usage Control Through Reputation Objects: A Discussion on e-Commerce and the Internet of Services Environments

Alnemr

Koenig

Eymann

et al. 2010

J. theor. appl. electron. commer. res.

View full text Add to dashboard Cite

This paper discusses the meaning and the role of Trust and Reputation in Internet-of-Service and e-Commerce environments following a comparative case study. Both environments represent paradigms through which the Internet is seen as a huge infrastructure where electronic services or real products are traded on. In comparison to electronic commerce, participating in an Internet-of-Services can be full of risks for all participants. Even well known security mechanisms are not able to close all gaps of access and usage control. This paper discusses the concepts of trust and reputation and brings to light the relation between these concepts to security mechanisms, Service-Level-Agreements, and quality measurements in order to enable Usage Control. The proposed solution is based on our previous model of reputation objects. The discussion also introduces a new concept of what we call reputation auditing where quality processes are considered part of reputation management not the other way around.

show abstract

Section: Usage Controlmentioning

confidence: 99%

Section: Usage Controlmentioning

confidence: 99%

Section: Usage Controlmentioning

confidence: 99%

Section: Usage Controlmentioning

confidence: 99%

See 2 more Smart Citations

Enabling Usage Control Through Reputation Objects: A Discussion on e-Commerce and the Internet of Services Environments

Alnemr

Koenig

Eymann

et al. 2010

J. theor. appl. electron. commer. res.

View full text Add to dashboard Cite

show abstract

“…These transformations are interesting, since whilst requirements belong to the problem-domain, the architecture and design models are within the solution-domain, so there is an important gap to address. In the context of security modeling, it is extremely relevant to incept ways to model usage control (e.g., see [21,22,18]), which encompasses traditional access control, trust management and digital rights management and goes beyond these building blocks in terms of definition and scope. Finally, by means of transformation patterns, it is required to research on new ways to map the high-level policies established at requirements stage into low-level, enforceable policies at run-time.…”

Section: Secure Service Architecture and Designmentioning

confidence: 99%

Engineering Secure Future Internet Services

Joosen

López

Martinelli

et al. 2011

The Future Internet

Self Cite

View full text Add to dashboard Cite

Abstract.In this paper we analyze the need and the opportunity for establishing a discipline for engineering secure Future Internet Services, typically based on research in the areas of software engineering, of service engineering and security engineering. Generic solutions that ignore the characteristics of Future Internet services will fail, yet it seems obvious to build on best practices and results that have emerged from various research communities. The paper sketches various lines of research and strands within each line to illustrate the needs and to sketch a community wide research plan. It will be essential to integrate various activities that need to be addressed in the scope of secure service engineering into comprehensive software and service life cycle support. Such a life cycle support must deliver assurance to the stakeholders and enable risk and cost management for the business stakeholders in particular. The paper should be considered a call for contribution to any researcher in the related sub domains in order to jointly enable the security and trustworthiness of Future Internet services.

show abstract

Relays: A New Approach for the Finite Departure Problem in Overlay Networks

Scheideler

Setzer

2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

A fundamental problem for overlay networks is to safely exclude leaving nodes, i.e., the nodes requesting to leave the overlay network are excluded from it without affecting its connectivity. To rigorously study self-stabilizing solutions to this problem, the Finite Departure Problem (FDP) has been proposed [12]. In the FDP we are given a network of processes in an arbitrary state, and the goal is to eventually arrive at (and stay in) a state in which all leaving processes irrevocably decided to leave the system while for all weakly-connected components in the initial overlay network, all staying processes in that component will still form a weakly connected component. In the standard interconnection model, the FDP is known to be unsolvable by local control protocols, so oracles have been investigated that allow the problem to be solved [12]. To avoid the use of oracles, we introduce a new interconnection model based on relays. Despite the relay model appearing to be rather restrictive, we show that it is universal, i.e., it is possible to transform any weakly-connected topology into any other weaklyconnected topology, which is important for being a useful interconnection model for overlay networks. Apart from this, our model allows processes to grant and revoke access rights, which is why we believe it to be of interest beyond the scope of this paper. We show how to implement the relay layer in a self-stabilizing way and identify properties protocols need to satisfy so that the relay layer can recover while serving protocol requests.

show abstract

Usage control in computer security: A survey

Cited by 120 publications

References 66 publications

Enabling Usage Control Through Reputation Objects: A Discussion on e-Commerce and the Internet of Services Environments

Enabling Usage Control Through Reputation Objects: A Discussion on e-Commerce and the Internet of Services Environments

Engineering Secure Future Internet Services

Relays: A New Approach for the Finite Departure Problem in Overlay Networks

Contact Info

Product

Resources

About