A note on the formalisation of UCON

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

A note on the formalisation of UCON

Full text

Pdf (208 KB)

Source

Symposium on Access Control Models and Technologies archive
Proceedings of the 12th ACM symposium on Access control models and technologies table of contents

Sophia Antipolis, France

SESSION: Short papers: access control table of contents

Pages: 163 - 168

Year of Publication: 2007

ISBN:978-1-59593-745-2

Authors

Helge Janicke	De Montfort University, Leicester, UK
Antonio Cau	De Montfort University, Leicester, UK
Hussein Zedan	De Montfort University, Leicester, UK

Sponsors

ACM: Association for Computing Machinery
SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 5, Downloads (12 Months): 86, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTex EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1266840.1266867 What is a DOI?

ABSTRACT

Usage Control (UCON) Models, similar to Access Control Models, control and govern the users' access to resources and services that are available in the system. One of the major improvements of UCON over traditional access control models is the continuity of the control and the concept of attribute mutability. In this paper we provide an alternative formalisation of the UCON model that relaxes many of the assumptions made in earlier formalisations of the model. We question the enforceability of UCON policies as described by previous formalisations and improve on it.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	M. Y. Becker, C. Fournet, and A. D. Gordon. SecPAL: Design and Semantics of a Decentralized Authorisation Language. Technical report, Microsoft Research, 2006.
	2	Jan Chomicki, Efficient checking of temporal integrity constraints using bounded history encoding, ACM Transactions on Database Systems (TODS), v.20 n.2, p.149-186, June 1995 [doi>10.1145/210197.210200]
	3	Sushil Jajodia , Pierangela Samarati , Maria Luisa Sapino , V. S. Subrahmanian, Flexible support for multiple access control policies, ACM Transactions on Database Systems (TODS), v.26 n.2, p.214-260, June 2001 [doi>10.1145/383891.383894]
	4	Helge Janicke , Antonio Cau , Francois Siewe , Hussein Zedan , Kevin Jones, A Compositional Event & Time-Based Policy Model, Proceedings of the Seventh IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY'06), p.173-182, June 05-07, 2006 [doi>10.1109/POLICY.2006.2]
	5	Leslie Lamport, The temporal logic of actions, ACM Transactions on Programming Languages and Systems (TOPLAS), v.16 n.3, p.872-923, May 1994 [doi>10.1145/177492.177726]
	6	J. Park, X. Zhang, and R. S. Sandhu. Attribute mutability in usage control. In C. Farkas and P. Samarati, editors, DBSec, pages 15--29. Kluwer, 2004.
	7	R. Sandhu and J. Park. The UCON<sub>ABC</sub> usage control model. In Proceeding of the Second International Workshop on Mathematical Method, Models and Architectures for Computer Networks Security, 2003.
	8	F. Siewe. A Compositional Framework for the Development of Secure Access Control Systems. PhD thesis, De Montfort University, 2005.
	9	Xinwen Zhang , Jaehong Park , Francesco Parisi-Presicce , Ravi Sandhu, A logical specification for usage control, Proceedings of the ninth ACM symposium on Access control models and technologies, June 02-04, 2004, Yorktown Heights, New York, USA [doi>10.1145/990036.990038]
	10	Xinwen Zhang , Francesco Parisi-Presicce , Ravi Sandhu , Jaehong Park, Formal model and policy specification of usage control, ACM Transactions on Information and System Security (TISSEC), v.8 n.4, p.351-387, November 2005 [doi>10.1145/1108906.1108908]