Title :
xDUCON: Cross Domain Usage Control through Shared Data Spaces
Author :
Russello, Giovanni ; Dulay, Naranker
Author_Institution :
Create-net, Trento, Italy
Abstract :
In this paper, we present a preliminary design of a framework for coordinating and enforcing usage control policies across different collaborating organisations. We named our framework xDUCON. The main goal of xDUCON is the specification of usage control policies that concisely capture conditions, authorisations, and obligations on both providers and consumers of resources. The novelty of xDUCON is its enforcement design that is based on the Shared Data Space (SDS) abstraction. The SDS allows the coordination of the decision and enforcement points abstracting from the details of the actual deployment of the framework. Moreover, the SDS abstraction caters for the necessary synchronisation facilities necessary to realise a concrete implementation of control usage framework such as support for entity mutability and control over long-lived sessions to evaluate the access rights of a subject while the access is being executed.
Keywords :
authorisation; data structures; formal specification; information management; synchronisation; authorisation; cross domain usage control policy specification; information management; organisation collaboration; shared data space abstraction; synchronisation; xDUCON framework; Authorization; Business; Companies; Computer networks; Concrete; Control systems; Distributed computing; Information management; International collaboration; Permission;
Conference_Titel :
Policies for Distributed Systems and Networks, 2009. POLICY 2009. IEEE International Symposium on
Conference_Location :
London
Print_ISBN :
978-0-7695-3742-9
Electronic_ISBN :
978-0-7695-3742-9
DOI :
10.1109/POLICY.2009.18
