Title :
A Trustworthy Usage Control Enforcement Framework
Author :
Neisse, Ricardo ; Pretschner, Alexander ; Giacomo, Valentina Di
Author_Institution :
Fraunhofer IESE, Kaiserslautern, Germany
Abstract :
Usage control policies specify restrictions on the handling of data after access has been granted. We present the design and implementation of a framework for enforcing usage control requirements and demonstrate its genericity by instantiating it to two different levels of abstraction, those of the operating system and an enterprise service bus. This framework consists of a policy language, an automatic conversion of policies into enforcement mechanisms, and technology implemented on the grounds of trusted computing technology that makes it possible to detect tampering with the infrastructure. We show how this framework can, among other things, be used to enforce separation-of-duty policies. We provide a performance analysis.
Keywords :
data handling; security of data; specification languages; abstraction level; automatic policy conversion; control requirements; data handling; detect tampering; enforcement mechanisms; enterprise service bus; operating system; performance analysis; policy language; separation-of-duty policy; trusted computing technology; trustworthy usage control enforcement framework; usage control policy; Assembly; Authentication; Business; Monitoring; Runtime; Signal resolution; Throughput; Data usage control;
Conference_Titel :
Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
Conference_Location :
Vienna
Print_ISBN :
978-1-4577-0979-1
Electronic_ISBN :
978-0-7695-4485-4
DOI :
10.1109/ARES.2011.40
