
Audit-based compliance control

  • J. G. Cederquist
  • R. Corin
  • M. A. C. Dekker (corresponding author)
  • S. Etalle
  • J. I. den Hartog
  • G. Lenzini
Special Issue Paper

Abstract

In this paper we introduce a new framework for controlling compliance with discretionary access control policies [Cederquist et al. in Proceedings of the International Workshop on Policies for Distributed Systems and Networks (POLICY), 2005; Corin et al. in Proceedings of the IFIP Workshop on Formal Aspects in Security and Trust (FAST), 2004]. The framework consists of a simple policy language that models ownership of data and administrative policies. Users can create documents and authorize others to process them. To control compliance with the document policies, we define a formal audit procedure by which users may be audited and asked to justify that an action was in compliance with a policy. In this paper we focus on the implementation of our framework. We present a formal proof system, which was only informally described in earlier work. We derive an important tractability result (a cut-elimination theorem) and use it to implement a proof-finder, a key component of this framework. We argue that in a number of settings, such as collaborative work environments, where a small group of users create and manage documents in a decentralized way, our framework is a more flexible approach to controlling compliance with policies.
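As an added illustration of the audit procedure the abstract describes (written for this page; it is not the paper's policy language or proof system): a document owner authorizes users, some authorizations carry an administrative right to delegate, and an auditor asks each actor in the log for a justification, a chain of authorizations leading from the owner, which a small proof-finder searches for on the user's behalf. The Auth record, the user names and the sample log are constructed.

```python
from collections import namedtuple

# Constructed model (not the paper's logic): a document has an owner, who may authorize a user
# for an action on it; an authorization may carry the administrative right to delegate it further.
# A user justifies a logged action with a chain of authorizations from the owner to that user.
Auth = namedtuple("Auth", "grantor grantee doc action may_delegate", defaults=(False,))

def valid_justification(owner, actor, doc, action, chain):
    """Auditor side: does `chain` prove that `actor` was allowed to do `action` on `doc`?"""
    if actor == owner:
        return chain == []          # the owner needs no authorization for its own document
    prev = owner
    for i, a in enumerate(chain):
        if (a.doc, a.action, a.grantor) != (doc, action, prev):
            return False            # link is for another document/action or breaks the chain
        if i < len(chain) - 1 and not a.may_delegate:
            return False            # an intermediate grantee re-delegated without the right to
        prev = a.grantee
    return chain != [] and prev == actor

def find_justification(owner, actor, doc, action, auths):
    """User side (the proof-finder role): search the known authorizations for a valid chain."""
    def search(holder, chain):
        if holder == actor:
            return chain
        for a in auths:
            if a.grantor == holder and (a.doc, a.action) == (doc, action) and a not in chain:
                if a.may_delegate or a.grantee == actor:
                    found = search(a.grantee, chain + [a])
                    if found is not None:
                        return found
        return None
    return search(owner, [])

def audit(owner_of, log, auths):
    """Ask every actor in the log to justify its action; return the entries nobody can justify."""
    violations = []
    for actor, doc, action in log:
        chain = find_justification(owner_of[doc], actor, doc, action, auths)
        if chain is None or not valid_justification(owner_of[doc], actor, doc, action, chain):
            violations.append((actor, doc, action))
    return violations

# Constructed sample: alice owns the report; bob may read and delegate, carol may only read.
AUTHS = [Auth("alice", "bob", "report", "read", may_delegate=True),
         Auth("bob", "carol", "report", "read"),
         Auth("carol", "dave", "report", "read")]   # carol holds no delegation right
LOG = [("alice", "report", "read"), ("bob", "report", "read"),
       ("carol", "report", "read"), ("dave", "report", "read"), ("eve", "report", "read")]
OWNER_OF = {"report": "alice"}
```

Running `audit(OWNER_OF, LOG, AUTHS)` flags dave (his authorization came from someone without the right to delegate) and eve (no authorization at all), while the auditor independently re-checks every chain the proof-finder produces.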

Keywords

Access control · Audit · Policy · Privacy


References

  1. AC 2 proof tools. http://www.cs.ru.nl/paw
  2. Abadi, M.: Logic in access control. In: Kolaitis, P.G. (ed.) Proceedings of the Symposium on Logic in Computer Science (LICS), pp. 228–233. IEEE Computer Society Press (2003)
  3. Appel, A.W., Felten, E.W.: Proof-carrying authentication. In: Tsudik, G. (ed.) Proceedings of the Conference on Computer and Communications Security (CCS), pp. 52–62. ACM Press (1999)
  4. Ashley, P., Hada, S., Karjoth, G., Schunter, M.: E-P3P privacy policies and privacy authorization. In: Samarati, P. (ed.) Proceedings of the ACM Workshop on Privacy in the Electronic Society (WPES 2002), pp. 103–109. ACM Press (2002)
  5. Bandmann, O.L., Firozabadi, B.S., Dam, M.: Constrained delegation. In: Abadi, M., Bellovin, S.M. (eds.) Proceedings of the Symposium on Security and Privacy (S&P), pp. 131–140. IEEE Computer Society Press (2002)
  6. Becker, M.Y., Sewell, P.: Cassandra: flexible trust management, applied to electronic health records. In: Focardi, R. (ed.) Proceedings of the Computer Security Foundations Workshop (CSFW), pp. 139–154. IEEE Computer Society Press (2004)
  7. Beckert, B., Posegga, J.: leanTAP: lean tableau-based deduction. J. Autom. Reasoning 15(3), 339–358 (1995)
  8. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings of the Symposium on Security and Privacy (S&P), pp. 164–173. IEEE Computer Society Press (1996)
  9. Cederquist, J.G., Corin, R.J., Dekker, M.A.C., Etalle, S., den Hartog, J.I.: An audit logic for accountability. In: Sahai, A., Winsborough, W.H. (eds.) Proceedings of the International Workshop on Policies for Distributed Systems and Networks (POLICY), pp. 34–43. IEEE Computer Society Press (2005)
  10. Chong, C.N., Peng, Z., Hartel, P.H.: Secure audit logging with tamper-resistant hardware. In: Gritzalis, D., De Capitani di Vimercati, S., Samarati, P., Katsikas, S.K. (eds.) 18th IFIP TC11 International Conference on Information Security and Privacy in the Age of Uncertainty (SEC), Athens, Greece, pp. 73–84. Kluwer Academic, Dordrecht (2003)
  11. Corin, R., Etalle, S., den Hartog, J.I., Lenzini, G., Staicu, I.: A logic for auditing accountability in decentralized systems. In: Dimitrakos, T., Martinelli, F. (eds.) Proceedings of the IFIP Workshop on Formal Aspects in Security and Trust (FAST), vol. 173, pp. 187–202. Springer, Berlin (2004)
  12. DeTreville, J.: Binder, a logic-based security language. In: Proceedings of the Symposium on Research in Security and Privacy (S&P), pp. 105–113. IEEE Computer Society Press (2002)
  13. Dowek, G., Jiang, Y.: Eigenvariables, bracketing and the decidability of positive minimal intuitionistic logic. Electr. Notes Theor. Comput. Sci. 85(7) (2003)
  14. Garg, D., Bauer, L., Bowers, K., Pfenning, F., Reiter, M.: A linear logic of authorization and knowledge. In: Proceedings of the European Symposium on Research in Computer Security (ESORICS). Springer, Berlin (2006)
  15. Garg, D., Pfenning, F.: Non-interference in constructive authorization logic. In: Proceedings of the Computer Security Foundations Workshop (CSFW). IEEE Computer Society Press (2006)
  16. Halpern, J.Y., van der Meyden, R.: A logic for SDSI's linked local name spaces. In: Syverson, P. (ed.) Proceedings of the Computer Security Foundations Workshop (CSFW), pp. 111–122. IEEE Computer Society Press (1999)
  17. Halpern, J.Y., Weissman, V.: Using first-order logic to reason about policies. In: Focardi, R. (ed.) Proceedings of the Computer Security Foundations Workshop (CSFW), pp. 187–201. IEEE Computer Society Press (2003)
  18. Hu, V., Ferraiolo, D., Kuhn, D.: Assessment of access control systems. NIST Interagency Report, National Institute of Standards and Technology (2006)
  19. Jajodia, S., Gadia, S., Bhargava, G.: Logical design of audit information in relational databases. In: Information Security: An Integrated Collection of Essays, pp. 585–595. IEEE Computer Society Press (1995)
  20. Karjoth, G., Schunter, M., Waidner, M.: Platform for enterprise privacy practices: privacy-enabled management of customer data. In: Privacy Enhancing Technologies (2002)
  21. Li, N., Grosof, B.N., Feigenbaum, J.: Delegation logic: a logic-based approach to distributed authorization. ACM Trans. Inf. Syst. Secur. (TISSEC) 6(1), 128–171 (2003)
  22. Li, N., Mitchell, J.: Datalog with constraints: a foundation for trust management languages. In: Dahl, V., Wadler, P. (eds.) Proceedings of the International Symposium on Practical Aspects of Declarative Languages (PADL) (2003)
  23. Li, N., Mitchell, J., Winsborough, W.: Design of a role-based trust-management framework. In: Abadi, M., Bellovin, S.M. (eds.) Proceedings of the Symposium on Research in Security and Privacy (S&P), pp. 114–130. IEEE Computer Society Press (2002)
  24. Longstaff, J.J., Lockyer, M.A., Thick, M.G.: A model of accountability, confidentiality and override for healthcare and other applications. In: Proceedings of the Workshop on Role-based Access Control (RBAC)
  25. Necula, G.C.: Compiling with proofs. Ph.D. thesis, School of Computer Science, Carnegie Mellon University, Pittsburgh, PA (1998)
  26. OASIS Access Control TC: eXtensible Access Control Markup Language (XACML) Version 2.0. OASIS Standard, 1 Feb 2005 (2005)
  27. Park, J., Sandhu, R.: Originator control in usage control. In: Lobo, J., Dulay, N. (eds.) Proceedings of the International Workshop on Policies for Distributed Systems and Networks (POLICY), p. 60. IEEE Computer Society, Washington, DC, USA (2002)
  28. Park, J., Sandhu, R.: Towards usage control models: beyond traditional access control. In: Bertino, E. (ed.) Proceedings of the Symposium on Access Control Models and Technologies (SACMAT), pp. 57–64. ACM Press (2002)
  29. Pfenning, F.: Linear logic course handouts. http://www.cs.cmu.edu/~fp/courses/linear.html (2002)
  30. Pfenning, F., Schürmann, C.: System description: Twelf, a meta-logical framework for deductive systems. In: Ganzinger, H. (ed.) Proceedings of the International Conference on Automated Deduction (CADE), pp. 202–206. Springer, Berlin (1999)
  31. Rissanen, E., Firozabadi, B.S., Sergot, M.J.: Discretionary overriding of access control in the privilege calculus. In: Dimitrakos, T., Martinelli, F. (eds.) Proceedings of the 2nd IFIP Workshop on Formal Aspects in Security and Trust (FAST), pp. 219–232. Springer, Berlin (2004)
  32. Sandhu, R., Park, J.: Usage control: a vision for next generation access control. In: Gorodetsky, V., Popyack, L.J., Skormin, V.A. (eds.) Proceedings of the International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security (MMM-ACNS). LNCS, vol. 2776, pp. 17–31. Springer, Berlin (2003)
  33. Sandhu, R., Samarati, P.: Access control: principles and practice. IEEE Commun. Mag. 32(9), 40–48 (1994)
  34. Sandhu, R., Samarati, P.: Authentication, access control and audit. ACM Comput. Surv. 28(1), 241–243 (1996)
  35. Shmatikov, V., Talcott, C.L.: Reputation-based trust management. J. Comput. Secur. 13(1), 167–190 (2005)
  36. Szabo, E.M. (ed.): The Collected Papers of Gerhard Gentzen. North-Holland, Amsterdam (1969)
  37. The European Parliament and the Council of the European Union: EU Directive 2002/58/EC on privacy and electronic communications. Official Journal of the European Union. http://europa.eu.int/eur-lex/pri/en/oj/dat/2002/l_201/l_20120020731en00370047.pdf (2002)
  38. The US Department of Health and Human Services: Summary of the HIPAA Privacy Rule. http://www.hhs.gov/ocr/privacysummary.pdf (2002)
  39. Topkara, M., Topkara, U., Atallah, M.J.: Words are not enough: sentence level natural language watermarking. In: Proceedings of the International Workshop on Contents Protection and Security (MCPS), pp. 37–46. ACM Press (2006)
  40. U.S. Securities and Exchange Commission: Sarbanes-Oxley Act (2002)
  41. Wang, X., Lao, G., De Martini, T., Reddy, H., Nguyen, M., Valenzuela, E.: XrML: eXtensible rights markup language. In: Kudo, M. (ed.) Proceedings of the Workshop on XML Security (XMLSEC), pp. 71–79. ACM Press (2002)
  42. Whitehead, N., Abadi, M., Necula, G.C.: By reason and authority: a system for authorization of proof-carrying code. In: Focardi, R. (ed.) Proceedings of the Computer Security Foundations Workshop (CSFW), pp. 236–250. IEEE Computer Society Press (2004)

Copyright information

© Springer-Verlag 2007

Authors and Affiliations

  • J. G. Cederquist (1)
  • R. Corin (2)
  • M. A. C. Dekker (3), corresponding author
  • S. Etalle (2)
  • J. I. den Hartog (2)
  • G. Lenzini (4)

  1. SQIG—IT, IST, Technical University of Lisbon, Lisbon, Portugal
  2. Computer Science Department, University of Twente, Twente, The Netherlands
  3. Security Group, TNO ICT, Delft, The Netherlands
  4. Telematica Instituut, Enschede, The Netherlands