Usage control in service-oriented architectures

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4657 LNCS, Issue , 2007, Pages 83-93

  Pretschner, Alexander ^a   Massacci, Fabio ^b   Hilty, Manuel ^a  

^a ETH ZURICH   (Switzerland)

^b UNIVERSITY OF TRENTO   (Italy)

Author keywords

[No Author keywords available]

Indexed keywords

INFORMATION RETRIEVAL SYSTEMS; MATHEMATICAL MODELS; REQUIREMENTS ENGINEERING; SECURITY OF DATA;

INFORMATION PROCESSING DEVICES; SERVICE-ORIENTED ARCHITECTURES; USAGE CONTROL REQUIREMENTS;

COMPUTER ARCHITECTURE;

EID: 37249079159     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-540-74409-2_11     Document Type: Conference Paper

References (26)

1. Karjoth, G., Pfitzmann, B., Schunter, M., Waidner, M.: Service-oriented Assurance - Comprehensive Security by Explicit Assurances. In: Proc. of QoP'05 (2005)
2. Karabulut, Y., Kerschbaum, F., Massacci, F., Robinson, P., Yautsiukhin, A.: Security and Trust in IT Business Outsourcing: a Manifesto. In: Proc. STM. ENTCS (2006)
3. Goth, G.: The ins and outs of it outsourcing. IT Professional 1, 11-14 (1999)
4. Schaad, A., Moffett, J.: Delegation of Obligations. In: Proc. POLICY, pp. 25-35 (2002)
5. Bettini, C., Jajodia, S., Wang, X.S., Wijesekera, D.: Provisions and obligations in policy rule management. J. Network and System Mgmt. 11(3), 351-372 (2003)
6. Park, J., Sandhu, R.: The UCON ABC Usage Control Model. ACM Transactions on Information and Systems Security 7, 128-174 (2004)
7. Pretschner, A., Hilty, M., Basin, D.: Distributed Usage Control. CACM 49(9), 39-44 (2006)
8. Hilty, M., Pretschner, A., Schaefer, C., Walter, T.: A System Model and a Policy Language for Distributed Usage Control. Technical Report I-ST-20, DoCoMo (2006)
9. Agrawal, R., Kiernan, J., Srikant, R., Xu, Y.: Hippocratic DBs. In: VLDB, pp. 143-154 (2002)
10. Karjoth, G., Schunter, M., Waidner, M.: Platform for Enterprise Privacy Practices: Privacy-enabled Management of Customer Data. In: Proc. PET, pp. 69-84 (2002)
11. W3C: The Platform for Privacy Preferences 1.1 (P3P1.1) Spec, Working Draft (2005)
12. Wang, X., Lao, G., DeMartini, T., Reddy, H., Nguyen, M., Valenzuela, E.: XrML-eXtensible rights Markup Language. In: Proc. XMLSEC, pp. 71-79 (2002)
13. Iannella, R.: Open Digital Rights Language - Version 1.1 (2002), odrl.net/1.1/ODRL-11.pdf
14. Ligatti, J., Bauer, L., Walker, D.: Edit Automata: Enforcement Mechanisms for Run-time Security Policies. International Journal of Information Security 4(1-2), 2-16 (2005)
15. Hilty, M., Pretschner, A., Schaefer, C., Walter, T.: Enforcement for Usage Control-An Overview of Control Mechanisms. Technical Report I-ST-18, DoCoMo EuroLabs (2006)
16. Filman, R., Elrad, T., Clarke, S., Aksit, M.: Aspect-Oriented SW Development (2004)
17. Erlingsson, U., Schneider, F.: SASI enforcement of security policies: A retrospective. In: Proc. New Security Paradigms Workshop, pp. 87-95 (1999)
18. Bauer, L., Ligatti, J., Walker, D.: Composing Security Policies with Polymer. In: Proc. ACM SIGPLAN Conf. on Programming Language Design and Implementation, pp. 305-314. ACM Press, New York (2005)
19. Zhang, X., Chen, S., Sandhu, R.: Enhancing Data Authentity and Integrity in P2P Systems. IEEE Internet Computing 9(6), 18-25 (2005)
20. Sandhu, R., Zhang, X.: Peer-to-peer access control architecture using trusted computing technology. In: SACMAT, pp. 147-158 (2005)
21. van Oorschot, P.: Revisiting software protection. In: Proc. IST, pp. 1-13 (2003)
22. van Oorschot, P.: SW protection and application security: understanding the battleground. In: State of the art and evolution of computer security and industrial cryptography (2003)
23. W3C: A P3P Preference Exchange Language 1.0 (APPEL1.0) (2002)
24. Backes, M., Pfitzmann, B., Schunter, M.: A toolkit for managing enterprise privacy policies. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 162-180. Springer, Heidelberg (2003)
25. Povey, D.: Optimistic security: a new access control paradigm. In: Proc. workshop on new security paradigms, pp. 40-45 (1999)
26. Hilty, M., Basin, D., Pretschner, A.: On obligations. In: Proc. ESORICS, pp. 98-117 (2005)