ABSTRACT
This paper is part of a project investigating authorization systems that assign obligations to users. We are particularly interested in obligations that require authorization to be performed and that, when performed, may modify the authorization state. In this context, a user may incur an obligation she is unauthorized to perform. Prior work has introduced a property of the authorization system state that ensures users will be authorized to fulfill their obligations. We call this property accountability because users that fail to perform authorized obligations are accountable for their non-performance. While a reference monitor can mitigate violations of accountability, it cannot prevent them entirely. This paper presents techniques to be used by obligation system managers to restore accountability. We introduce several notions of dependence among pending obligations that must be considered in this process. We also introduce a novel notion we call obligation pool slicing, owing to its similarity to program slicing. An obligation pool slice identifies a set of obligations that the administrator may need to consider when applying strategies proposed here for restoring accountability. The paper also presents the system architecture of an authorization system that incorporates obligations that can require and affect authorizations.
- A Framework for Enforcing User Obligations. Technical Report CS-TR-2011-001. The University of Texas at San Antonio.Google Scholar
- M. Ali, L. Bussard, and U. Pinsdorf. Obligation Language and Framework to Enable Privacy-Aware SOA. In Data Privacy Management and Autonomous Spontaneous Security, volume 5939 of Lecture Notes in Computer Science, pages 18--32. Springer Berlin, Heidelberg, 2010. Google ScholarDigital Library
- M. Casassa and F. Beato. On Parametric Obligation Policies: Enabling Privacy-Aware Information Lifecycle Management in Enterprises. In Policies for Distributed Systems and Networks., pages 51 --55, jun. 2007. Google ScholarDigital Library
- D. J. Dougherty, K. Fisler, and S. Krishnamurthi. Obligations and their interaction with programs. In Proceedings of the 12th European Symposium On Research In Computer Security, Dresden, Germany, September 24--26, Proceedings, pages 375--389, 2007. Google ScholarDigital Library
- M. P. Gallaher, A. C. Oconnor, and B. Kropp. The Economic Impact of Role-Based Access Control, March 2002. Available at http://www.nist.gov/director/prog-ofc/report02--1.pdf.Google Scholar
- P. Gama and P. Ferreira. Obligation policies: An enforcement platform. In 6th IEEE International Workshop on Policies for Distributed Systems and Networks, Stockholm, Sweden, June 2005. IEEE Computer Society. Google ScholarDigital Library
- M. Hilty, A. Pretschner, D. Basin, C. Schaefer, and T. Walter. A policy language for distributed usage control. In J. Biskup and J. Lopez, editors, Computer Security - ESORICS 2007, volume 4734 of Lecture Notes in Computer Science, pages 531--546. Springer Berlin, Heidelberg, 2008. Google ScholarDigital Library
- K. Irwin, T. Yu, and W. H. Winsborough. On the modeling and analysis of obligations. In Proceedings of the 13th ACM conference on Computer and communications security, pages 134--143, New York, NY, USA, 2006. ACM. Google ScholarDigital Library
- K. Irwin, T. Yu, and W. H. Winsborough. Assigning responsibilities for failed obligations. In IFIPTM Joined iTrust and PST Conference on Privacy, Trust Management and Security, pages 327--342. Springer Boston, 2008.Google Scholar
- B. Katt, X. Zhang, R. Breu, M. Hafner, and J.-P. Seifert. A general obligation model and continuity: enhanced policy enforcement engine for usage control. In Proceedings of the 13th ACM symposium on Access control models and technologies, pages 123--132, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- N. H. Minsky and A. D. Lockman. Ensuring integrity by adding obligations to privileges. In Proceedings of the 8th international conference on Software engineering, pages 92--102, Los Alamitos, CA, USA, 1985. IEEE Computer Society Press. Google ScholarDigital Library
- Q. Ni, E. Bertino, and J. Lobo. An obligation model bridging access control policies and privacy policies. In Proceedings of the 13th ACM symposium on Access control models and technologies, pages 133--142, New York, NY, USA, 2008. ACM. Google ScholarDigital Library
- Q. Ni, A. Trombetta, E. Bertino, and J. Lobo. Privacy-aware role based access control. In Proceedings of the 12th ACM symposium on Access control models and technologies, pages 41--50, New York, NY, USA, 2007. ACM. Google ScholarDigital Library
- J. Park and R. Sandhu. The uconabc usage control model. ACM Trans. Inf. Syst. Secur., 7(1):128--174, 2004. Google ScholarDigital Library
- M. Pontual, O. Chowdhury, W. Winsborough, T. Yu, and K. Irwin. Toward Practical Authorization Dependent User Obligation Systems. In Proceedings of the 5th International Symposium on ACM Symposium on Information, Computer and Communications Security, 2010. Google ScholarDigital Library
- M. Pontual, K. Irwin, O. Chowdhury, W. H. Winsborough, and T. Yu. Failure feedback for user obligation systems. In The Second IEEE International Conference on Information Privacy, Security, Risk and Trust, pages 713 --720, 2010. Google ScholarDigital Library
- R. S. Sandhu, V. Bhamidipati, and Q. Munawer. The ARBAC97 model for role-based aministration of roles. ACM Transactions on Information and Systems Security, 2(1):105--135, Feb. 1999. Google ScholarDigital Library
- A. Sasturkar, A. Yang, S. D. Stoller, and C. Ramakrishnan. Policy analysis for administrative role based access control. volume 0, pages 124--138, Los Alamitos, CA, USA, 2006. IEEE Computer Society. Google ScholarDigital Library
- V. Swarup, L. Seligman, and A. Rosenthal. A data sharing agreement framework. In Information Systems Security, Second International Conference, Kolkata, India, December 19--21, Proceedings, pages 22--36, 2006. Google ScholarDigital Library
- M. Weiser. Program slicing. In Proceedings of the 5th international conference on Software engineering, pages 439--449, Piscataway, NJ, USA, 1981. IEEE Press. Google ScholarDigital Library
Index Terms
On the management of user obligations
Recommendations
On the modeling and analysis of obligations
CCS '06: Proceedings of the 13th ACM conference on Computer and communications securityTraditional security policies largely focus on access control requirements, which specify who can access what under what circumstances. Besides access control requirements, the availability of services in many applications often further imposes ...
Toward practical authorization-dependent user obligation systems
ASIACCS '10: Proceedings of the 5th ACM Symposium on Information, Computer and Communications SecurityMany authorization system models include some notion of obligation. Little attention has been given to user obligations that depend on and affect authorizations. However, to be usable, the system must ensure users have the authorizations they need when ...
Formal specification and management of security policies with collective group obligations
Obligations are an essential element of security policies since they enable the specification of many security requirements such as availability, privacy, usage control and data protection. In everyday life, the fulfillment of obligations is often the ...
Comments