Attribute Mutability in Usage Control
نویسندگان
چکیده
The notion of Usage Control (UCON) has been introduced recently to extend traditional access controls by including three decision factors called authorizations, obligations, and conditions. Usage control also recognize two important decision properties of continuity and mutability. In access control literature, an authorization decision is commonly made by utilizing some form of subject and object attributes. Identities, security labels and roles are some examples of attributes. Traditionally these attributes are assigned to subjects and objects by a security officer and can be modified only by administrative actions. However, in modern information systems these attributes are often required to be changed as a side effect of subject’s usage on object. This requirement of updates has been recognized and defined as mutability property in usage control. In this paper, we discuss issues of this attribute mutability and show how usage control can apply this mutability property in various traditional and modern access control policies.
منابع مشابه
Logical Model and Specification of Usage Control
The recent usage control model (UCON) is a foundation for next generation access control models with distinguishing properties of decision continuity and attribute mutability. A usage control decision is determined by combining authorizations, obligations, and conditions, presented as UCONABC core models by Park and Sandhu. Based on these core aspects, we develop a firstorder logic specificatio...
متن کاملComponent Lifecycle and Concurrency Model in Usage Control (UCON) System
Access control is one of the most challenging issues facing information security. Access control is defined as, the ability to permit or deny access to a particular computational resource or digital information by an unauthorized user or subject. The concept of usage control (UCON) has been introduced as a unified approach to capture a number of extensions for access control models and systems....
متن کاملUsing Regression based Control Limits and Probability Mixture Models for Monitoring Customer Behavior
In order to achieve the maximum flexibility in adaptation to ever changing customer’s expectations in customer relationship management, appropriate measures of customer behavior should be continually monitored. To this end, control charts adjusted for buyer’s/visitor’s prior intention to repurchase or visit again are suitable means taking into account the heterogeneity across customers. In the ...
متن کاملFormal Verification of Usage Control Models: A Case Study of UseCON Using TLA+
Usage control models provide an integration of access control, digital rights, and trust management. To achieve this integration, usage control models support additional concepts such as attribute mutability and continuity of decision. However, these concepts may introduce an additional level of complexity to the underlying model, rendering its definition a cumbersome and prone to errors proces...
متن کاملTowards a Usage Monitor for Enforcement of Usage-Based Access Control in Grid Computing
Grid computing is evolving as a solution to resource issues associated with large-scale computing. As the technology to manage the resources of the grid evolves beyond multiple logins and Unix file permissions, access control becomes a viable solution as it has in many application spaces. Usage-based access control solutions resolve the need for attribute based resource security that can handle...
متن کامل