Enforcement of U-XACML History-Based Usage Control Policy

  • Fabio Martinelli
  • Ilaria Matteucci
  • Paolo Mori
  • Andrea Saracino
Conference paper

DOI: 10.1007/978-3-319-46598-2_5

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9871)
Cite this paper as:
Martinelli F., Matteucci I., Mori P., Saracino A. (2016) Enforcement of U-XACML History-Based Usage Control Policy. In: Barthe G., Markatos E., Samarati P. (eds) Security and Trust Management. STM 2016. Lecture Notes in Computer Science, vol 9871. Springer, Cham

Abstract

Usage Control policies have been introduced to overcome issues related to the usage of resources. Indeed, a Usage Control policy takes into account attributes of subjects and resources which change over time. Hence, the policy is continuously enforced while an action is performed on a resource, and it is re-evaluated at every context change. This permits to revoke the access to a resource as soon as the new context violates the policy. The Usage Control model is very flexible, and mutable attributes can be exploited also to make a decision based on the actions that have been previously authorized and executed. This paper presents a history-based variant of U-XACML policies composed via process algebra-like operators in order to take trace of past actions made on resources by the subjects. In particular, we present a formalization of our idea through a process algebra and the enhanced logical architecture to enforce such policies.

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Fabio Martinelli
    • 1
  • Ilaria Matteucci
    • 1
  • Paolo Mori
    • 1
  • Andrea Saracino
    • 1
  1. 1.Istituto di Informatica e TelematicaIIT-CNRPisaItaly

Personalised recommendations