Abstract
Access control systems can be categorized in two classes: stateless or stateful. While stateless access control systems consider only current state of the system for access decision, stateful access control integrates past and current state of the system. The state of the system can change depending on the way how resources were used. We also observe that stateful access control systems strongly rely on centralised state monitoring infrastructure. In the context of distributed systems, state monitoring is very difficult to achieve, both for security and technical reasons. In this paper, we propose to use obligation execution proof to evaluate current distributed system state. Data usage conditions are defined as obligations expressing the actions that must be executed before or after granted access. In this paper, we aim at fostering distributed access control enforcement relying on certified obligations.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Trabelsi, S., Sendor, J., Reinicke, S.: PPL: PrimeLife Privacy Policy Engine. POLICY (2011)
Ben-Ghorbel-Talbi, M., Cuppens, F., Cuppens-Boulahia, N., Bouhoula, A.: An extended role-based access control model for delegating obligations. In: Fischer-Hübner, S., Lambrinoudakis, C., Pernul, G. (eds.) TrustBus 2009. LNCS, vol. 5695, pp. 127–137. Springer, Heidelberg (2009)
Ni, Q., Bertino, E., Lobo, J.: An Obligation Model Bridging Access Control Policies and Privacy Policies. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, SACMAT 2008 (2008)
Chen, L., Cramptony, J., Kollingbaum, M.J., Norman, T.J.: Obligations in Risk-Aware Access Control. In: Proceedings of the 13th ACM Symposium on Access control Models and Technologies, SACMAT (2008), Proceedings of the 2012 Tenth Annual International Conference on Privacy, Security and Trust, PST 2012 (2012)
Bettini, C., Jajodia, S., Wang, X.S., Wijesekera, D.: Provisions and Obligations in Policy Management and Security Applications. In: Proceedings of the 13th ACM Symposium on Access Control Models and Technologies, SACMAT 2008 (2008), Proceedings of the 28th International Conference on Very Large Data Bases, VLDB 2002 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gomez, L., Trabelsi, S. (2014). Obligation Based Access Control. In: Meersman, R., et al. On the Move to Meaningful Internet Systems: OTM 2014 Workshops. OTM 2014. Lecture Notes in Computer Science, vol 8842. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45550-0_15
Download citation
DOI: https://doi.org/10.1007/978-3-662-45550-0_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-45549-4
Online ISBN: 978-3-662-45550-0
eBook Packages: Computer ScienceComputer Science (R0)