The UCON ABC usage control model

ACM Transactions on Information and System Security

Volumn 7, Issue 1, 2004, Pages 128-174

  Park, Jaehong ^a   Sandhu, Ravi ^a  

^a GEORGE MASON UNIVERSITY   (United States)

Author keywords

Access control; Digital rights management; Privacy; Trust; Usage control

Indexed keywords

ACCESS CONTROL; CORE MODELS; DIGITAL RIGHTS MANAGEMENT (DRM); PRIVACY; TRUST; USAGE CONTROL;

CLIENT SERVER COMPUTER SYSTEMS; COMPUTER AIDED NETWORK ANALYSIS; COMPUTER MONITORS; COMPUTER OPERATING SYSTEMS; DECISION MAKING; INTERNET; MATHEMATICAL MODELS; MOBILE COMPUTING; MOBILE TELECOMMUNICATION SYSTEMS; SECURITY OF DATA;

DIGITAL COMPUTERS;

EID: 3142523603     PISSN: 10949224     EISSN: None     Source Type: Journal    
DOI: 10.1145/984334.984339     Document Type: Article

References (44)

1. ABADI, M., BURROWS, M., AND LAMPSON, B. 1993. A calculus for access control in distributed systems. ACM TOPLAS 15, 4, 706-734.
2. ANDERSON, R. 2002. TCPA/palladium frequently asked questions. Available at http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html.
3. ARBAUGH, W. 1997. A secure and reliable bootstrap architecture Proceedings of the IEEE Symposium on Security and Privacy, 65-71.
4. BAKER, D., BARNHART, R., AND BUSS, T. 1997. PCASSO: Applying and extending state-of-the-art security in the healthcare domain. Proceedings of the Annual Computer Security Applications Conference.
5. BELL, D. AND LAPADULA, L. 1973. Secure computer systems: Mathematical foundations and model. MITRE Report, MTR 2547, v2, November.
6. BETTINI ET AL. 2002. Obligation monitoring in policy management. Proceedings of the Workshop on Policies for Distributed Systems and Networks.
7. BLAZE, M., FEIGENBAUM, J., AND LACY, J. 1996. Decentralized trust management. Proceedings of IEEE Symposium on Security and Privacy.
8. CONTENTGUARD. 2002. XrML: Extensible rights Markup Language Core 2.1 Specification. Available at http://www.xrml.org.
9. DAMIANOU ET AL. 2001. The ponder policy specification language. Proceedings of the Workshop on Policies for Distributed Systems and Networks.
10. GODIK, S. AND MOSES, T. 2002. OASIS extensible Access Control Markup Language (XACML) Specification 1.0. Available at http://www.oasis-open.org/ committees/xacml/docs/.
11. GLIGOR, V., GAVRILA, S., AND FERRAIOLO, D. 1998. On the formal definition of separation-of-duty policies and their composition. 19th IEEE Computer Society Symposium on Research in Security and Privacy.
12. GUNTER, C., WEEKS, S., AND WRIGHT, A. 2001. Models and languages for digital rights. Proceedings of the Hawaii International Conference on System Sciences.
13. HARRISON, M. H., RUZZO, W. L., AND ULLMAN, J. D. 1976. Protection in operating systems. CACM 19, 8, 461-471.
14. HERZBERG, A., MASS, Y., MIHAELI, J., NAOR, D., AND RAVID, Y. 2000. Access control meets public key infrastructure, or assigning roles to strangers. Proceedings of IEEE Symposium on Security and Privacy.
15. HHS. 2002. Standards for Privacy of Individually Identifiable Health Information. Available at http://www.hhs.gov/ocr/hipaa/finalreg.html.
16. IANNELLA, R. 2002. Open Digital Rights Language V1.1. Available at http://odrl.net.
17. JAJODIA, S., KUDO, M., AND SUBRAHMANIAN, V. S. 2001. Provisional authorizations. In E-Commerce Security and Privacy, Anup Gosh (Ed.) Kluwer Academic Press, Boston, MA.
18. KAPLAN, M. 1996. IBM Cryptolopes, Superdistribution and Digital Right Management. Available at http://www.research.ibm.com/people/k/kaplan.
19. KUDO, M. AND HADA, S. 2000. XML document security based on provisional authorization. Proceedings of the ACM Conference on Computer and Communications Security.
20. LANDWEHR, C. 1997. Protection (Security) Models and Policy The Computer Science and Engineering Handbook. CRC Press, Boco Raton, FL, 1914-1928
21. LAMPSON, B. W. 1971. Protection. 5th Princeton Symposium on Information Science and Systems. Reprinted in ACM Operating Systems Review 8, 1, 18-24, 1974
22. LAMPSON, B. W. 1971. Protection. 5th Princeton Symposium on Information Science and Systems. Reprinted in ACM Operating Systems Review 8, 1, 18-24, 1974
23. LAMACCHIA, B. 2002. Key challenges in DRM: An industry perspective. Proceedings of the 2nd ACM DRM Workshop (in conjunction with ACM CCS Conference) November.
24. MIT 2001. Ten emerging technologies that will change the world. MIT Technology Review (Jan/Feb).
25. P3P 2002. The Platform for Privacy Preferences 1.0 (P3P1.0) Specification. Available at http://www.w3.org/P3P/.
26. PARK, J. AND SANDHU, R. 2002. Towards usage control models: beyond traditional access control. Proceedings of Seventh ACM Symposium on Access Control Models and Technologies.
27. ROSENBLATT, B., TRIPPE, B., AND MOONEY, S. 2002. Digital Rights Management: Business and Technology. M&T Books.
28. RYUTOV, T. AND NEUMAN, C. 2001. The set and function approach to modeling authorization in distributed systems. Proceedings of the Workshop on Mathematical Methods and Models and Architecture for Computer Networks Security.
29. RYUTOV, T. AND NEUMAN, C. 2002. The specification and enforcement of advanced security policies. Proceedings of the Workshop on Policies for Distributed Systems and Networks.
30. SANDHU, R. 1988. Transaction control expressions for separation of duties. In Proceedings of the Fourth Computer Security Applications Conference, 282-286.
31. SANDHU, R. 1993. Lattice-based access control models. IEEE Computer (Nov.), 9-19.
32. SANDHU, R. 2000. Engineering authority and trust in cyberspace: The OM-AM and RBAC way. Proceedings of the 5th ACM Workshop on Role-Based Access Control, Berlin, Germany, July 26-28, 111-119.
33. SANDHU, R. AND SAMARATI, P. 1994. Access control: Principles and practice. IEEE Communication Magazine (Sept.), 40-48.
34. SANDHU, R., COYNE, E., FEINSTEIN, H., AND YOUMAN, C. 1996. Role-based access control models. IEEE Computer (Feb.), 38-47.
35. SCHAAD, A. AND MOFFETT, J. 2002. Delegation of obligation. Proceedings of the Workshop on Policies for Distributed Systems and Networks.
36. SCHNECK, P. 1999. Persistent access control to prevent piracy of digital information. Proceedings of the IEEE 87, 7 (July).
37. SIBERT ET AL. 1995. The DigiBox: A self-protecting container for information commerce. Proceedings of USENIX Workshop on Electronic Commerce.
38. SIMON, R. AND ZURKO, M. 1997. Separation of duty in role-based environments. IEEE Computer Security Foundations Workshop.
39. TCPA. 2002. Trusted Computing Paltform Alliance, Main Specification V1.1b. Available at http://www.trustedcomputing.org/docs.
40. THOMAS, R. AND SANDHU, R. 1997. Task-based Authorization Controls (TBAC): Models for Active and Enterprise-Oriented Authorization Management Database Security XI: Status and Prospects, North-Holland, Amsterdam.
41. WANG ET AL. 2002. XrML - extensible rights Markup Language. Proceedings of ACM Workshop on XML Security.
42. WEEKS, S. 2001. Understanding trust management systems. Proceedings of IEEE Symposium on Security and Privacy.
43. WINSBOROUGH, W., SEAMONS, K., AND JONES, V. 2000. Automated trust negotiation. Proceedings of the DARPA Information Survivability Conference and Exposition.
44. ZHANG, X. 2004. Personal communication.