Usage Control Policy Enforcement in OpenOffice.org and Information Flow
نویسندگان
چکیده
Usage control is a generalisation of access control addressing how data is to be handled after it has been released. To control the data handling enforcement mechanisms have to be in place where the data is being used. These enforcement mechanisms can be implemented on different layers of the system. One way to do the enforcement is on the application layer. This paper describes how usage control policies can be enforced in OpenOffice.org using the component technology UNO (Universal Network Objects) provided by OpenOffice.org. The drawbacks and sketches how to overcome these are also identified.
منابع مشابه
A Purpose Model and Policy Enforcement Engine for Usage Control in Distributed Healthcare Information System
This paper addresses two issues: the purpose model designed for distributed healthcare and the purpose-based usage policy enforcement engine based on our purpose-based UCON (the extended UCON model). UCON has been proposed and applied to support security requirements in different computing environments such as resources sharing in collaborative computing systems and data control in remote users...
متن کاملData Usage Control for Distributed Systems
Data usage control provides mechanisms for data owners to remain in control over how their data is used after it has been accessed. Corresponding technical solutions are thus applicable in many distinct areas such as the protection of business, military and government secrets, intellectual property, as well as private user data. However, most existing solutions focus on the enforcement of data ...
متن کاملTowards purpose enforcement model for privacy-aware usage control policy in distributed healthcare
Enforcing the purpose of data usage means to ensure that data are used as it intends for and that excessive usage cannot happen. In general, the enforcement of purpose is a complicated task. The main difficulty is to identify the purpose of an agent when it requests to perform an action. In this paper, we discuss the design issue of usage purpose enforcement model based on our proposed enforcem...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملAchieving Accountability with Distributed Data Usage Control Technology
Distributed data usage control technology enforces obligations on future data usage in a preventive or a detective manner. The goal of preventive enforcement is to make sure that a data usage policy is adhered to. The goal of detective, or optimistic, enforcement is to maintain a log of policy violations, which directly provides technical means for accountability. Depending on the underlying tr...
متن کامل