Filters








238 Hits in 3.0 sec

Enforcement of U-XACML History-Based Usage Control Policy [chapter]

Fabio Martinelli, Ilaria Matteucci, Paolo Mori, Andrea Saracino
2016 Lecture Notes in Computer Science  
This paper presents a history-based variant of U-XACML policies composed via process algebra-like operators in order to take trace of past actions made on resources by the subjects.  ...  Usage Control policies have been introduced to overcome issues related to the usage of resources.  ...  Conclusion and Future Work This paper presents a formal approach to combine Usage Control policy to obtain an History based U-XACML policy that is enforceable at run time.  ... 
doi:10.1007/978-3-319-46598-2_5 fatcat:hbj3jdo3anbypgeacmoof4bfji

Usage Control Specification, Enforcement, and Robustness: A Survey [article]

Ines Akaichi, Sabrina Kirrane
2022 arXiv   pre-print
In order to better understand the potential of various usage control proposals, we collate and categorize usage control requirements, compare the predominant usage control frameworks based on said requirements  ...  Usage control technologies could be used by software platform providers to manage data and digital assets responsibly and to provide more control to data and digital asset owners.  ...  Various extensions of XACML include components for the continuous evaluation and the enforcement of usage control policies.  ... 
arXiv:2203.04800v1 fatcat:36nf3ltgsjdjzntvinrpdg5x6u

Integration of Quantitative Methods for Risk Evaluation within Usage Control Policies

Leanid Krautsevich, Aliaksandr Lazouski, Fabio Martinelli, Paolo Mori, Artsiom Yautsiukhin
2013 2013 22nd International Conference on Computer Communication and Networks (ICCCN)  
Usage Control (UCON) enhances traditional access control introducing mutable attributes and continuous policy enforcement.  ...  We integrate the authorisation system based on the U-XACML language with quantitative methods for risk evaluation.  ...  Security Policies Our UAS deals with the following security policies: U-XACML policies, attribute retrieval policies and risk metadata. 1) U-XACML Policy: is written in the U-XACML policy language [3]  ... 
doi:10.1109/icccn.2013.6614144 dblp:conf/icccn/KrautsevichLMMY13 fatcat:spbxfjjcdjf5vmfl2ygpd2kxam

Towards purpose enforcement model for privacy-aware usage control policy in distributed healthcare

Annanda Thavymony Rath, Jean Noël Colin
2013 International Journal of Security and Networks (IJSN)  
In this paper, we discuss the design issue of usage purpose enforcement model based on our proposed enforcement structure: pre-, ongoing-, and post-enforcement.  ...  Reference to this paper should be made as follows: Rath, A.T. and Colin, J-N. (2013) 'Towards purpose enforcement model for privacy-aware usage control policy in distributed healthcare', Int.  ...  during usage control session based on usage policy.  ... 
doi:10.1504/ijsn.2013.055943 fatcat:wni52szctnbebjfc3vlfipzjsu

Testing of PolPA-based usage control systems

Antonia Bertolino, Said Daoudagh, Francesca Lonetti, Eda Marchetti, Fabio Martinelli, Paolo Mori
2013 Software quality journal  
In this paper, we address the testing of the implementation of the Policy Decision Point (PDP) within the PolPA authorization system that enables history-based and usage-based control of accesses.  ...  Accordingly, we propose two testing strategies specifically conceived for validating the history-based access control and the usage control functionalities of the PolPA PDP.  ...  Acknowledgment This work has been partially funded by the Network of Excellence on Engineering Secure Future Internet Software Services and Systems (NESSoS) FP7 Project contract n. 256980.  ... 
doi:10.1007/s11219-013-9216-0 fatcat:u25xppqjsrhttpuu37ke2zihq4

Access control for healthcare data using extended XACML-SRBAC model

A. A. Abd El-Aziz, A. Kannan
2012 2012 International Conference on Computer Communication and Informatics  
Also we consider one of the models, namely Spatial Role-based access control (SRBAC) and model it using XACML.  ...  This paper proposes a framework of using XACML and XML security to support secure, embedded and fine-grained access control policy to control the privacy and data access of health service data accessed  ...  In [6] , the policy embedding approach that we use is similar to that of the Enterprise Rights Management (ERM) which is defined as a digital document-based security model that enforces access, usage,  ... 
doi:10.1109/iccci.2012.6158775 fatcat:acgso6chkfcobjuudynnfymb3y

A general obligation model and continuity

Basel Katt, Xinwen Zhang, Ruth Breu, Michael Hafner, Jean-Pierre Seifert
2008 Proceedings of the 13th ACM symposium on Access control models and technologies - SACMAT '08  
ongoing enforcement mechanism of implementations.  ...  The usage control model (UCON) has been proposed to augment traditional access control models by integrating authorizations, obligations, and conditions and providing the properties of decision continuity  ...  Figure 5 shows the architecture of our usage control enforcement engine. The implementation is based on XACML enforcement engine.  ... 
doi:10.1145/1377836.1377856 dblp:conf/sacmat/KattZBHS08 fatcat:2zkz4me55betpgna5ha2xkfea4

D3.3 - Context-aware ABAC Enforcement Mechanism

UBITECH, Institute Of Communication And Computer Systems
2020 Zenodo  
of each authorization decision.  ...  This deliverable provided and discusses all the software components designed for enabling the context-aware ABAC enforcement and raising the involved actors' security awareness by indicating the logic  ...  Based on the work reported on this deliverable, access control policies will be enforced as part of two different authorisation paradigms; i) the Attribute Based Access Control (ABAC layer which permits  ... 
doi:10.5281/zenodo.4022338 fatcat:gm2spfbuizebjcyqabgnegteki

Data Usage and Access Control in Industrial Data Spaces: Implementation Using FIWARE

Andres Munoz-Arcentales, Sonsoles López-Pernas, Alejandro Pozo, Álvaro Alonso, Joaquín Salvachúa, Gabriel Huecas
2020 Sustainability  
Usage Control.  ...  Data Usage Control provides a common and trustful security framework to guarantee the compliance with data governance rules and responsible use of organizations' data by third-party entities, easing and  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/su12093885 fatcat:xkspvnabqndarh5u4erp2wrfxq

Policy expression and checking in XACML, WS-Policies, and the jABC

Martin Karusseit, Tiziana Margaria, Holger Willebrandt
2008 Proceedings of the 2008 workshop on Testing, analysis, and verification of web services and applications - TAV-WEB '08  
This paper compares the temporal logic-based approach for modeling access control used by the jABC framework with two popular XML-based description languages (XACML and WS-Policy), which are quasi-standards  ...  Its usage is illustrated here on the example of the web-based Online Conference Service (OCS).  ...  We compare here the popular XML-based policy definition languages XACML and WS-Policy (Sect. 2, with the temporal logic-based approach for modeling access control supported by the jABC [?]  ... 
doi:10.1145/1390832.1390836 dblp:conf/issta/KarusseitMW08 fatcat:f754n5kq2fgk3jbcpt7ext5bf4

Analysis and Verification of XACML Policies in a Medical Cloud Environment

Meryeme Ayache, Mohammed Erradi, Ahmed Khoumsi, Bernd Freisleben
2016 Scalable Computing : Practice and Experience  
In this paper, we propose a Cloud Policy Verification Service (CPVS ) for the analysis and the verification of access control policies specified using XACML.  ...  Access control protects the system's resources against unauthorized access via a set of policies. Jansen [18] proposed XACML as a policy specification language for cloud applications.  ...  Each organisation regulates the access to its own resources by enforcing a set of access control rules.  ... 
doi:10.12694/scpe.v17i3.1180 fatcat:lbh4lamoznc4ndqv5sszyi5uj4

Methods and Tools for Policy Analysis

Amani Abu Jabal, Maryam Davari, Elisa Bertino, Christian Makaya, Seraphin Calo, Dinesh Verma, Alessandra Russo, Christopher Williams
2019 ACM Computing Surveys  
We conclude the paper by outlining novel research directions in the area of policy analysis. 2.1.1 Role-based Access Control (RBAC).  ...  Policy-based management of computer systems, computer networks and devices is a critical technology especially for present and future systems characterized by large-scale systems with autonomous devices  ...  The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the ocial policies, either expressed or implied, of the U.S.  ... 
doi:10.1145/3295749 fatcat:ujkyr4jeerdxdbeonmh2wnixhy

Licit: Administering Usage Licenses in Federated Environments

Prashant C. Kediyal, Munindar P. Singh
2014 IEEE Transactions on Services Computing  
We show how to represent a variety of usage licenses formally as executable policies and provide a simple information model using which each party can specify both the attributes involved in its licenses  ...  We address the problem of usage license administration in federated settings.  ...  In particular, Aaron Peeler provided us statistics regarding VCL usage. We are also indebted to the anonymous reviewers for helpful comments.  ... 
doi:10.1109/tsc.2013.1 fatcat:l3vlaq2t5vefpiby7z3lp4dkda

EPICS: A Framework for Enforcing Security Policies in Composite Web Services

Rohit Ranchal, Bharat Bhargava, Pelin Angin, Lotfi Ben Othmane
2018 IEEE Transactions on Services Computing  
The clients lack options for specifying policies to control the sharing of their data and have to rely on service providers which provide limited selection of security and privacy preferences.  ...  This lack of awareness and loss of control over data sharing increases threats to a client's data and diminishes trust in these systems. Disciplines Electrical and Computer Engineering  ...  The use of XACML-based policies incur some additional overhead.  ... 
doi:10.1109/tsc.2018.2797277 fatcat:3x2qqm7f4vgrxk3sgwhnnceqym

A Rigorous Framework for Specification, Analysis and Enforcement of Access Control Policies

Andrea Margheri, Massimiliano Masi, Rosario Pugliese, Francesco Tiezzi
2017 IEEE Transactions on Software Engineering  
In this paper, we introduce a formally-defined, fully-implemented framework for specification, analysis and enforcement of attribute-based access control policies.  ...  The framework is supported by Java-based tools, among which an Eclipse-based IDE offering a tailored development and analysis environment for FACPL policies and a Java library for policy enforcement.  ...  and enforcement of access control policies.  ... 
doi:10.1109/tse.2017.2765640 fatcat:d7lsslgxfbcwzd2ami6e37vxom
« Previous Showing results 1 — 15 out of 238 results