
Representation-Independent Data Usage Control

Conference paper, published in: Data Privacy Management and Autonomous Spontaneus Security (DPM 2011, SETOP 2011)

Abstract

Usage control is concerned with what happens to data after access has been granted. In the literature, usage control models have been defined in terms of events that are in some way related to data. To better cater to the data dimension, we extend a usage control model by an explicit distinction between data and representations of that data. A data flow model is used to track the flow of data between different representations. The usage control model is then extended so that usage control policies can address not just one single representation (e.g., delete file1.txt after thirty days) but all representations of the data (e.g., if file1.txt is a copy of file2.txt, also delete file2.txt). We present three proof-of-concept implementations of the model, at the operating system level, at the browser level, and at the X11 level, and also provide an ad-hoc implementation for multi-layer enforcement.
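The abstract's central move is to keep a data item distinct from the containers (files, copies, renamed paths) that represent it, and to let policy refer to the data rather than to one container. The Python below is an added illustration of that idea and is not code from the paper or from any of its OS, browser or X11 implementations. The storage function (container to set of data items), the event set (create, copy, rename, delete), the timed "delete after N days" obligation and the file names in the scenario are all my assumptions, and the scenario data is constructed; the point is to show how a policy bound to one representation leaves copies behind, while a representation-independent policy does not.

```python
"""Added example (not the paper's code): data vs. representations of data.

Assumptions (mine, not the paper's): containers are plain strings such as file
names; a storage function maps each container to the set of data items it may
hold; copy/rename/delete events propagate or remove data between containers.
"""
from __future__ import annotations


class DataFlowState:
    """Tracks which data items currently live in which containers."""

    def __init__(self) -> None:
        # storage function: container -> set of data identifiers it (may) contain
        self.storage: dict[str, set[str]] = {}

    def create(self, container: str, *data: str) -> None:
        """A container comes into existence holding the given data items."""
        self.storage.setdefault(container, set()).update(data)

    def copy(self, src: str, dst: str) -> None:
        """cp src dst: dst now (also) holds everything src holds (over-approximation)."""
        self.storage.setdefault(dst, set()).update(self.storage.get(src, set()))

    def rename(self, src: str, dst: str) -> None:
        """mv src dst: the data moves with the representation; src vanishes."""
        self.storage[dst] = self.storage.pop(src, set())

    def delete(self, container: str) -> None:
        """rm container: that representation, and only that one, is gone."""
        self.storage.pop(container, None)

    def representations_of(self, data: str) -> set[str]:
        """All containers that currently hold a given data item."""
        return {c for c, ds in self.storage.items() if data in ds}


def delete_representation(state: DataFlowState, container: str) -> set[str]:
    """Representation-bound policy: 'delete file1.txt'. Only that container goes."""
    state.delete(container)
    return {container}


def delete_all_representations(state: DataFlowState, data: str) -> set[str]:
    """Representation-independent policy: delete every container holding *data*."""
    targets = state.representations_of(data)
    for container in targets:
        state.delete(container)
    return targets


def enforce_retention(state: DataFlowState, data: str, accessed_at: float,
                      now: float, max_age_days: int = 30) -> set[str]:
    """Timed obligation 'delete <data> N days after access', on all representations.

    Times are seconds since an epoch (assumed); returns the containers removed.
    """
    if now - accessed_at < max_age_days * 86400:
        return set()
    return delete_all_representations(state, data)


def scenario() -> tuple[set[str], set[str]]:
    """Constructed scenario: file1.txt is copied, the copy renamed, content appended.

    Returns the containers still holding data 'd1' after (a) a naive delete of
    file1.txt and (b) a representation-independent delete of d1.
    """
    def build() -> DataFlowState:
        s = DataFlowState()
        s.create("file1.txt", "d1")
        s.create("notes.txt", "d2")
        s.copy("file1.txt", "file2.txt")           # cp file1.txt file2.txt
        s.rename("file2.txt", "backup/file2.txt")  # mv file2.txt backup/
        s.copy("file1.txt", "notes.txt")           # cat file1.txt >> notes.txt
        return s

    naive = build()
    delete_representation(naive, "file1.txt")
    leftover_naive = naive.representations_of("d1")

    independent = build()
    delete_all_representations(independent, "d1")
    leftover_independent = independent.representations_of("d1")
    return leftover_naive, leftover_independent


if __name__ == "__main__":
    naive, independent = scenario()
    print("after 'delete file1.txt':", sorted(naive))
    print("after 'delete all representations of d1':", sorted(independent))
```

Two things worth noticing when running it. First, the representation-bound delete leaves `backup/file2.txt` and `notes.txt` holding `d1`, which is exactly the gap the abstract's model closes. Second, the representation-independent delete also removes `notes.txt`, taking `d2` with it: because this toy model only knows that a copy event happened, every container that may hold `d1` is treated as holding it. That over-approximation is a consequence of tracking at the event level and is why the granularity of the enforcement layer (OS, browser, X11) matters in practice.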




Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Pretschner, A., Lovat, E., Büchler, M. (2012). Representation-Independent Data Usage Control. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., de Capitani di Vimercati, S. (eds) Data Privacy Management and Autonomous Spontaneus Security. DPM SETOP 2011 2011. Lecture Notes in Computer Science, vol 7122. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28879-1_9


  • DOI: https://doi.org/10.1007/978-3-642-28879-1_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28878-4

  • Online ISBN: 978-3-642-28879-1
