Proceedings of the Second ACM Conference on Data and Application Security and Privacy 2012
DOI: 10.1145/2133601.2133612
|View full text |Cite
|
Sign up to set email alerts
|

Deriving implementation-level policies for usage control enforcement

Abstract: Usage control is concerned with how data is used after access to it has been granted. As such, it is particularly relevant to end users who own the data. System implementations of access and usage control enforcement mechanisms, however, do not always adequately reflect end user requirements. This is due to several reasons, one of which is the problem of mapping concepts in the end user's domain to technical events and artifacts. For instance, semantics of basic operators such as "copy" or "delete", which are … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
9
0

Year Published

2013
2013
2018
2018

Publication Types

Select...
5
1

Relationship

2
4

Authors

Journals

citations
Cited by 13 publications
(9 citation statements)
references
References 39 publications
0
9
0
Order By: Relevance
“…Since previous work showed how high-level OSL policies can be translated into technical Event-Condition-Action (ECA) rules ECA rule for enforcement purposes [108,109], this thesis focuses on such ECA rules. While the formal semantics of ECA rules are provided in [106,126], their intuitive semantics are as follows: Once a system event e ∈ S refining the trigger Event trigger event ∈ E (cf.…”
Section: Specification Of Data Usage Policiesmentioning
confidence: 99%
See 2 more Smart Citations
“…Since previous work showed how high-level OSL policies can be translated into technical Event-Condition-Action (ECA) rules ECA rule for enforcement purposes [108,109], this thesis focuses on such ECA rules. While the formal semantics of ECA rules are provided in [106,126], their intuitive semantics are as follows: Once a system event e ∈ S refining the trigger Event trigger event ∈ E (cf.…”
Section: Specification Of Data Usage Policiesmentioning
confidence: 99%
“…to indicate that a certain amount of time has passed. According to [108,109,156,172,174], ECA conditions (Φ) are specified in terms of past linear temporal logics [62,118,133]. Their syntax is specified as:…”
Section: Specification Of Data Usage Policiesmentioning
confidence: 99%
See 1 more Smart Citation
“…In contrast, the very idea of our work is a more generic approach that relies on instantiated domain meta models; this is the gap in usage control policy refinement that is filled by this work. A modelbased semi-automated approach to usage control policy derivation is described in [6,7]. We build on this work and achieve automated policy derivation.…”
Section: Related Work and Relevancementioning
confidence: 99%
“…Because data and actions on data are specific to an application domain, a three-layered domain meta-model for refining data and actions has been proposed in [6]. This meta-model ( Fig.…”
Section: Introductionmentioning
confidence: 99%