2010
DOI: 10.1016/j.cosrev.2010.02.002
|View full text |Cite
|
Sign up to set email alerts
|

Usage control in computer security: A survey

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
96
0
2

Year Published

2010
2010
2019
2019

Publication Types

Select...
6
1

Relationship

2
5

Authors

Journals

citations
Cited by 121 publications
(98 citation statements)
references
References 66 publications
(200 reference statements)
0
96
0
2
Order By: Relevance
“…The subject playing a certain role is allowed to execute all privileges for which this role is authorized which in return simplify the security administration. If a user fulfils a new or an additional function it can be allocated to new roles and the subject gets new access permissions [27]. However, RBAC is the most expressive and generalized approach for it simulates the other approaches.…”
Section: Usage Controlmentioning
confidence: 99%
See 3 more Smart Citations
“…The subject playing a certain role is allowed to execute all privileges for which this role is authorized which in return simplify the security administration. If a user fulfils a new or an additional function it can be allocated to new roles and the subject gets new access permissions [27]. However, RBAC is the most expressive and generalized approach for it simulates the other approaches.…”
Section: Usage Controlmentioning
confidence: 99%
“…However, decisions during runtime are not addressed by traditional approaches. Thus, we can state that access control in its traditional meaning does not cover challenges ``in open, distributed, heterogeneous and network-connected computer environment[s]'' [27]. In both IoS and in e-commerce environments, choosing credible services is a major challenge at runtime (preventing access control from being implemented properly).…”
Section: Usage Controlmentioning
confidence: 99%
See 2 more Smart Citations
“…These transformations are interesting, since whilst requirements belong to the problem-domain, the architecture and design models are within the solution-domain, so there is an important gap to address. In the context of security modeling, it is extremely relevant to incept ways to model usage control (e.g., see [21,22,18]), which encompasses traditional access control, trust management and digital rights management and goes beyond these building blocks in terms of definition and scope. Finally, by means of transformation patterns, it is required to research on new ways to map the high-level policies established at requirements stage into low-level, enforceable policies at run-time.…”
Section: Secure Service Architecture and Designmentioning
confidence: 99%