Obligation policies: An enforcement platform

Proceedings - Sixth IEEE International Workshop on Policies for Distributed Systems and Networks, POLICY 2005

Volumn 2005, Issue , 2005, Pages 203-212

  Gama, Pedro ^a   Ferreira, Paulo ^a  

^a INESC ID   (Portugal)

Author keywords

[No Author keywords available]

Indexed keywords

AD HOC FUNCTIONALS; AUTHORIZATION MECHANISMS; ENFORCEMENT MECHANISMS; PROTOTYPE IMPLEMENTATION;

COMPUTER NETWORKS; DISTRIBUTED COMPUTER SYSTEMS; SOFTWARE PROTOTYPING;

LAW ENFORCEMENT;

EID: 33744982882     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/POLICY.2005.18     Document Type: Conference Paper

References (34)

1. P. Ashley, M. Schunter, and C. Powers. From privacy promises to privacy management: a new approach for enforcing privacy throughout an enterprise. In Proceedings of the ACM New Security Paradigms Workshop (NSPW2002), Virginia Beach, USA, Oct 2002.
2. C. Bettini, S. Jajodia, X. S. Wang, and D. Wijesekera. Obligation monitoring in policy management. In Proceedings of the IEEE Third International Workshop on Policies for Distributed Systems and Networks (POLICY'02), Monterey, California, Jun 2002.
3. C. Bettini, S.Jajodia, X. S. Wang, and D. Wijesekera. Provisions and obligations in policy management and security applications. In Proceedings of the 28th International Conference on Very Large Data Bases (VLDB), Hong Kong, China, 2002.
4. D. F. Brewer and M. J. Nash. The chinese wall security policy. In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 206-214, Oakland, California, 1989.
5. M. A. Brown. Conditional obligation and positive permission for agents in time. Nordic Journal of Philosophical Logic, 5(2):83-111, Dec 2000.
6. D. Chiu, S. Cheung, and S. Till. A three layer architecture for e-contract enforcement in an e-service environment. In Proceedings of the 36th Hawaii International Conference on System Sciences (HICSS-36), Hawaii, USA, 2002.
7. F. Cuppens and C. Saurel. Specifying a security policy: a case study. In Proceedings of the Ninth IEEE Computer Security Foundations Workshop, Dromquinna Manor, Kenmare, County Kerry, Ireland, 1996.
8. N. Damianou, N. Dulay, E. Lupu, and M. Sloman. The ponder policy specification language. In Proceedings of the 2nd International Workshop on Policies for Distributed Systems and Networks, Bristol, UK, 2001.
9. A. Daskalopulu, T. Dimitrakos, and T. Maibaum. E-contract fulfilment and agents'attitudes. In Proceedings of the ERCIM WG E-Commerce Workshop on The Role of Trust in e-Business, Zurich, Switzerland, 2001.
10. N. Dulay, E. Lupu, M. Sloman, and N. Damianou. A policy deployment model for the ponder language. In Proceedings of the IEEE/IFIP International Symposium on Integrated Network Management, London, UK, 2001.
11. B. S. Firozabadi and M. Sergot. Contractual access control. In Proceedings of the 10th International Workshop of Security Protocols, Cambridge, UK, Jun 2002.
12. B. S. Firozabadi and M. Sergot. A framework for contractual resource sharing in coalitions. In Proceedings of the IEEE Fifth International Workshop on Policies for Distributed Systems and Networks (POLICY'04), Yorktown Heights, New York, Jun 2004.
13. I. Foster, C. Kesselman, and S. Tuecke. The anatomy of the grid: Enabling scalable virtual organizations. In Proceedings of the Intl. J. Supercomputer Applications, 2001.
14. J. Goguen and J. Meseguer. Security policies and security models. In Proceedings of the IEEE Symp. Security and Privacy, California, USA, 1982.
15. Q. He and A. Anton. A framework for modeling privacy requirements in role engineering. In Proceedings of the Ninth International Workshop on Requirements Engineering: Foundation for Software Quality, The 15th Conference on Advanced Information Systems Engineering (CAiSE'03), Klagenfurt/Velden, Austria, 2003.
16. S. Jajodia, M. Kudo, and V. Subrahmanian. Provisional authorizations. E-Commerce Security and Privacy, 57(1):133-159, 2001.
17. S. Kent, T. Maibaum, and W. Quirk. Formally specifying temporal constraints and error recovery. In Proceedings of the RE93 - 1st Intl. IEEE Symp. on Requirements Engineering, pages 208-215, San Diego, California, 1996.
18. J. Lobo, R. Bhatia, and S. Naqvi. A policy description language. In Proceedings of the National Conference of the American Association for Artificial Intelligence, Florida, USA, 1999.
19. J.-J. Meyer, R. Wieringa, and F. Dignum. The Role of Deontic Logic in the Specification of Information Systems, chapter 4. Kluwer Academic Publishers, 1998.
20. Z. Milosevic, A. Josang, T. Dimitrakios, and M. Patton. Discretionary enforcement of electronic contracts. In Proceedings of the 6th IEEE Conf. on Enterprise Distributed Object Computing (EDOC-2002), Lausanne, Switzerland, Sep 2002.
21. N. Minsky and A. D. Lockman. Ensuring integrity by adding obligations to privileges. In Proceedings of the 8th International Conference on Sofware Engineering, pages 92-102, Klagenfurt/Velden, Austria, Aug 1985.
22. N. Minsky and V. Ungureanu. Law-governed interaction: A coordination & control mechanism for heterogeneous distributed systems. ACM Trans. Software Eng. and Methodology, 9(3):273-305, July 2000.
23. C. Molina-Jimenez, S. Shrivastava, E. Solaiman, and J. Warne. Contract representation for run-time monitoring and enforcement. In Proceedings of the IEEE Conf. on Electronic Commerce (CEC), California, USA, June 2003.
24. J. Park and R. Sandhu. The ucon abc usage control model. ACM Transactions on Information and Systems Security, Feb 2004.
25. H. Prakken and M. Sergot Contrary-to-duty obligations. Studia Logica, 57(1):91-115, 1996.
26. C. N. Ribeiro, A. Zúquete, P. Ferreira, and P. Guedes. Enforcing obligation with security monitors. In Proceedings of the Third International Conference on Information and Communication Security (ICICS'2001), Xi'an, China, 2001.
27. C. N. Ribeiro, A. Zúquete, P. Ferreira, and P. Guedes. SPL: An access control language for security policies with complex constraints. In Proceedings of the Network and Distributed System Security Symposium, San Diego, California, Feb 2001.
28. A. Schaad and J. Moffett. A framework for organisational control principles. In Proceedings of the 18th Annual Computer Security Applications Conference, Las Vegas, USA, 2002.
29. F. B. Schneider. Enforceable security policies. The ACM Transactions on Information and System Security, 3(1):30-50, 2000.
30. B. Shand and J. Bacon. Policies in accountable contracts. In Proceedings of the IEEE 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02), page 80. IEEE Computer Society, 2002.
31. G. Wasson and M. Humphrey. Policy and enforcement in virtual organizations. In Proceedings of the 4th International Workshop on Grid Computing (Grid2003) (associated with Supercomputing 2003), Phoenix, USA, Nov 2003.
32. G. Wasson and M. Humphrey. Toward explicit policy management for virtual organizations. In Proceedings of the IEEE 4th International Workshop on Policies for Distributed Systems and Networks, Lake Como, Italy, 2003.
33. T. Y. C. WOO and S. S. Lam. Authorizations in distributed systems: A new approach. Journal of Computer Security, 2(2,3): 107-136, 1993.
34. X. Zhang, J. Park, F. Parisi-Presicce, and R. Sandhu. A logical specification for usage control. In Proceedings of the Symposium on Access Control Models and Technologies, New York, USA, 2004.