Model Checking Usage Policies
نویسندگان
چکیده
We propose a model for specifying, analysing and enforcing safe usageof resources. Our usage policies allow for parametricity over resources,and they can be enforced through finite state automata. The patternsof resource access and creation are described through a basic calculus ofusages. In spite of the augmented flexibility given by resource creationand by policy parametrization, we devise an efficient (polynomial-time)model-checking technique for deciding when a usage is resource-safe, i.e.when it complies with all the relevant usage policies.
منابع مشابه
Static Enforcement of Static Separation-of-Duty Policies in Usage Control Authorization Models
Separation-of-Duty (SoD) is a fundamental security principle for prevention of fraud and errors in computer security. It has been studied extensively in traditional access control models. However, the research of SoD policy in the recently proposed usage control (UCON) model has not been well studied. This paper formulates and studies the fundamental problem of static enforcement of static SoD ...
متن کاملLogical Model and Specification of Usage Control
The recent usage control model (UCON) is a foundation for next generation access control models with distinguishing properties of decision continuity and attribute mutability. A usage control decision is determined by combining authorizations, obligations, and conditions, presented as UCONABC core models by Park and Sandhu. Based on these core aspects, we develop a firstorder logic specificatio...
متن کاملSemantic-Driven Enforcement of Rights Delegation Policies via the Combination of Rules and Ontologies
We show that the semantic formal model for Open Digital Right Language (ODRL)-based rights delegation policies can be enforced and expressed as a combination of ontologies and rules, e.g., Semantic Web Rule Language (SWRL). Based on ODRL’s expressions and data dictionary, a rights delegation ontology is proposed in this study. Furthermore, we express the rights delegation policy as a set of ont...
متن کامل6 A pr 2 00 5 An Audit Logic for Accountability ( Extended
We describe a policy language and implement its associated proof checking system. In our system, agents can distribute data along with usage policies in a decentralized architecture. Our language supports the specification of conditions and obligations, and also the possibility to refine policies. In our framework, the compliance with usage policies is not actively enforced. However, agents are...
متن کاملPrivacy Enforcement and Accountability with Semantics (peas2007) Iswc 2007 Sponsor Workshop Motivation and Goal beyond Secrecy: New Privacy Protection Strategies for the World Wide Web Semantic-driven Enforcement of Rights Delegation Policies via the Combination of Rules and Ontologies
We show that the semantic formal model for Open Digital Right Language (ODRL)-based rights delegation policies can be enforced and expressed as a combination of ontologies and rules, e.g., Semantic Web Rule Language (SWRL). Based on ODRL’s expressions and data dictionary, a rights delegation ontology is proposed in this study. Furthermore, we express the rights delegation policy as a set of ont...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Mathematical Structures in Computer Science
دوره 25 شماره
صفحات -
تاریخ انتشار 2008