Skip to main content

Distributed and minimal usage control

Abstract

With more and more personal data being collected and stored by service providers, there is an increasing need to ensure that their usage is compliant with privacy regulations and user preferences. We consider the specific scenario where promised usage is specified as metric temporal logic policies, and these policies can be verified against the database usage logs. Given the vast amount of data being collected, scalability is very important. In this work, we show how such usage monitoring can be performed in a distributed fashion for an expressive subset of policies. Experimental results are given for a real-life use case to show the genericness and scalability of the results.

This is a preview of subscription content, access via your institution.

References

  1. Basin D, Harvan M, Klaedtke F, Zalinescu E (2011) Monitoring usage-control policies in distributed systems. In: Proceedings of the international symposium on temporal representation and reasoning (TIME), pp 88–95

  2. Kiukkonen N, Blom J, Dousse O, Gatica-Perez D, Laurila J 2010 Towards Rich Mobile Phone Datasets: Lausanne Data Collection Campaign. in: Proceedings of the International Conference on Pervasive Services (ICPS) [Online]. Available: http://research.nokia.com/page/11367

  3. Basin D, Klaedtke F, Muller S, Pfitzmann B (2008) Runtime monitoring of metric first-order temporal properties. In: Proceedings of the foundations of software technology and theoretical computer science (FSTTCS), pp 49–60

  4. Lee I-S, Rask A (2008) Auditing in SQL server [Online]. Available: http://msdn.microsoft.com/en-us/library/dd392015%28v=sql.100%29.aspx

  5. Jeloka S (2010) Chapter 8. Database auditing: security considerations. Oracle database security guide [Online]. Available: http://download.oracle.com/docs/cd/B19306_01/network.102/b14266.pdf

  6. Goodloe A, Pike L (2010) Monitoring distributed real-time systems: a survey and future directions. NASA Langley Research Center, Tech. Rep. NASA/CR-2010-216724

  7. Stihler M Santin AO, Calsavara A, Marcon AL (2009) Distributed usage control architecture for business coalitions. In: Proceedings of the international conference on communications (ICC), pp 1–6

  8. Hilty M, Pretschner A, Basin D, Schaefer C, Walter T (2007) A policy language for distributed usage control. In: Proceedings of the European symposium On research in computer security (ESORICS), pp 531–546

  9. Hilty M, Pretschner A, Schaefer C, Walter T (2008) DUKE—distributed usage control enforcement. In: Proceedings of the IEEE workshop on policies for distributed systems and networks (POLICY), p 275

  10. Pretschner A, Hilty M, Basin D (2006) Distributed usage control. Commun ACM 49(9): 39–44

    Article  Google Scholar 

  11. Genon A, Massart T, Meuter C (2006) Monitoring distributed controllers: when an efficient LTL algorithm on sequences is needed to model-check traces. In: Proceedings of the international symposium on formal methods (FM), pp 557–572

  12. Bauer A, Leucker M, Schallhart C (2006) Model-based runtime analysis of distributed reactive systems. In: Proceedings of the Australian software engineering conference (ASWEC)

  13. Janicke H, Cau A, Siewe F, Zedan H (2008) Concurrent enforcement of usage control policies. In: Proceedings of the IEEE workshop on policies for distributed systems and networks (POLICY), pp 111–118

  14. Biswas D (2012) Privacy policies change management for smartphones. In: Proceedings of the IEEE workshop on managing ubiquitous communications and services (MUCS)

  15. Biswas D, Niemi V (2011) Transforming privacy policies to auditing specifications. In: Proceedings of the 13th IEEE international symposium on high-assurance systems engineering (HASE), pp 368–375

  16. Sen K, Vardhan A, Agha G, Rosu G (2004) Efficient decentralized Monitoring of Safety in Distributed Systems. In: Proceedings of the international conference on software engineering (ICSE), pp 418–427

  17. Biswas D, Nefedov N, Niemi V (2011) Distributed usage control. In: Proceedings of the 8th international conference on mobile Web information systems (MobiWIS), pp 562–569

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Debmalya Biswas.

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Biswas, D., Nefedov, N. & Niemi, V. Distributed and minimal usage control. SOCA 6, 393–402 (2012). https://doi.org/10.1007/s11761-012-0112-4

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11761-012-0112-4

Keywords

  • Usage control
  • Auditing
  • Distributed logic
  • Heuristics