Abstract
Usage control model (UCON) is one of the emerging and comprehensive attribute based access control model that has the ability of monitoring the continuous updates in a system making it better than the other models of access control. UCON is suitable for the distributed environment of grid and cloud computing platforms however the proper formulation of this model does not exist in literature in any policy specification standard. It is for this reason that UCON is not widely adopted as an access control model by industry, though research community is now paying attention to make standard policy specification for this model. In this paper we are suggesting the interpretation of UCON model in extensible access control markup language (XACML) which is an OASIS standard of access control policies. We also highlight UCON model features by explaining its core processes and characteristics with respect to the case study of financial application.
Chapter PDF
Similar content being viewed by others
References
Park, J., Sandhu, R.: Towards Usage Control Models: Beyond Traditional Access Control. In: SACMAT 2002 Proceedings of 7th ACM Symposium on Access Control Models and Technologies (2002)
Zhang, X.: Formal model and analysis of usage control, PhD Thesis. George Mason University, Fairfax, USA (2006)
Lazouski, A., Martinelli, F., Moore, P.M.: Usage control in computer security: A survey. Elsevier Journal of Computer Science Review 4(2) (2010)
Park, J., Sandhu, R.: The UCON ABC Usage Control Model. Journal of ACM Transactions on Information and System Security 7(1) (2004)
Zhang, X., Nakae, M., Covington, M., Sandhu, R.: Toward a Usage-Based Security Framework for Collaborative Computing Systems. Journal of ACM Transactions on Information and System Security 11(1) (2008)
Kumaraguru, P., Cranor, L.F.: A Survey of privacy policy languages. In: SOUPS 2007 Proceedings of Third Symposium on Usable Privacy and Security (2007)
Gouglidis, A., Mavridis, I.: On the Definition of Access Control Requirements for Grid and Cloud Computing Systems. In: GridNets 2009 Third International ICST Conference (2009)
Zhang, X., Parisi-Presicce, F., Park, J., Sandhu, R.: A Logical Specification of Usage Control. In: SACMAT 2004 ACM Transactions on Information and System Security (2000)
Lu, J., Li, R., Varadharajan, V., Lu, Z., Ma, X.: Secure Interoperation in Multidomain Environments Employing UCON Policies. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 395–402. Springer, Heidelberg (2009)
Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. Elsevier Journal of Network and Computer Applications 34(1) (2010)
Haidar, D.A., CuppensBoulahia, N., Cuppens, F., Debar, H.: An Extended RBAC profile in XACML. In: SWS 2006 Proceedings of the 3rd ACM Workshop on Secure Web Services (2006)
Chen, D., Huang, X., Ren, X.: Access Control of Cloud Services Based on UCON. In: CloudCom 2009 Proceedings of the 1st International Conference on Cloud Computing (2009)
Ali, T., Nauman, M., Fazl-e-Hadi, Muhaya, F.B.: On Usage Control of Multimedia Content in and through Cloud Computing Paradigm. In: 5th International Conference on Future Information Technology (2010)
Katt, B., Zhang, X., Breu, R., Hafner, M., Seifert, J.-P.: A General Obligation Model and Continuity-Enhanced Policy Enforcement Engine for Usage Control. In: SACMAT 2008 Proceedings of the 13th ACM Symposium on Access Control Models and Technologies (2008)
xacml-3.0 core specifications, eXtensible Access Control Markup Language (XACML) Version 3.0 (April 2012), http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-en.pdf
xacml-3.0 rbac specifications, XACML v3.0 Core and Hierarchical Role Based Access Control (RBAC) Profile Version 1.0 (August 2010), http://docs.oasis-open.org/xacml/3.0/xacml-3.0-rbac-v1-spec-cs-01-en.pdf
A Brief Introduction to XACML, http://www.oasis-open.org/committees/download.php/2713/Brief_Introduction_to_XACML.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Um-e-Ghazia, Masood, R., Shibli, M.A., Bilal, M. (2012). Usage Control Model Specification in XACML Policy Language. In: Cortesi, A., Chaki, N., Saeed, K., Wierzchoń, S. (eds) Computer Information Systems and Industrial Management. CISIM 2012. Lecture Notes in Computer Science, vol 7564. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33260-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-33260-9_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33259-3
Online ISBN: 978-3-642-33260-9
eBook Packages: Computer ScienceComputer Science (R0)