Security enforcement model for distributed usage control

Proceedings - IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing

Volumn , Issue , 2008, Pages 10-18

  Zhang, Xinwen ^a   Seifert, Jean Pierre ^a   Sandhu, Ravi ^b  

^a SAMSUNG INFORMATION SYSTEMS AMERICA   (United States)

^b UNIVERSITY OF TEXAS AT SAN ANTONIO   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER NETWORKS; CONTROL SYSTEMS; MECHANISMS; SECURITY SYSTEMS; SENSOR NETWORKS; SENSORS; UBIQUITOUS COMPUTING;

USAGE CONTROL;

ACCESS CONTROL;

EID: 50949130846     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SUTC.2008.79     Document Type: Conference Paper

References (28)

1. Fairplay. http://en.wikipedia.org/wiki/FairPlay.
2. Windows media digital rights management (DRM). http://www.microsoft.com/ windows/windowsmedia/drm/default.aspx.
3. Web Services Security: SOAP Message Security 1.1. OASIS Web Service Security TC, 2004.
4. M. Abadi, M. Burrows, and B. Lampson. A calculus for access control in distributed systems. ACM Transactions on Programming Languages and Systems, 15(4):706-734, 1993.
5. J. P. Anderson. Computer security technology planning study volume II, ESD-TR-73-51, vol. II, electronic systems division, air force systems command, hanscom field, bedford, MA 01730. http://csrc.nist.gov/publications/history/ ande72.pdf, Oct. 1972.
6. W. A. Arbaugh, D. J. Farber, and J. M. Smith. A secure and reliable bootstrap architecture. In Proc. of IEEE Conference on Security and Privacy, pages 65-71, 1997.
7. D. E. Bell and L. J. LaPadula. Secure computer systems: Mathematical foundations and model. Mitre Corp. Report No.M74-244, Bedford, Mass., 1975.
8. K. J. Biba. Integrity consideration for secure computer system. Technical report, Mitre Corp. Report TR-3153, Bedford, Mass., 1977.
9. Matt Blaze, Joan Feigenbaum, and Jack Lacy. Decentralized trust management. In Proceedings of IEEE Symposium on Security and Privacy, pages 164-173, Oakland, CA, May 1996.
10. D. E. Denning. A lattice model of secure information flow. Communications of the ACM, 19(5), May 1976.
11. Department of Defense National Computer Security Center. Department of Defense Trusted Computer Systems Evaluation Criteria, December 1985. DoD 5200.28-STD.
12. J. Dyer, M. Lindemann, R. Perez, R. Sailer, L. van Doorn, S.W. Smith, and S.Weingart. Building the ibm 4758 secure coprocessor. IEEE Computer, (10):57-66, 2001.
13. M. H. Harrison, W. L. Ruzzo, and J. D. Ullman. Protection in operating systems. Communication of ACM, 19(8), 1976.
14. A. Herzberg, Y. Mass, J. Mihaeli, D. Naor, and Y. Ravid. Access control meets public key infrastructure, or: assigning roles to strangers. In Proc. of IEEE Symposium on Security and Privacy, pages 2-14, 2000.
15. M. Hilty, D. Basin, and A. Pretschner. On obligations. In Proc. of 10th European Symp. on Research in Computer Security, September 2005.
16. T. Jaeger, R. Sailer, and U. Shankar. PRIMA: Policy-reduced integrity measurement architecture. In Proceedings of the 11th ACM Symposium on Access Control Models and Technologies, pages 19-28, June 2006.
17. B. Lampson. Computer security in the real world. IEEE Computer, (6):37-46, June 2004.
18. B.W. Lampson. Protection. In 5th Princeton Symposium on Information Science and Systems, pages 437-443, 1971. Reprinted in ACM Operating Systems Review 8(1):18-24, 1974.
19. N. Li, J. C. Mitchell, and W. H. Winsborough. Design of a role-based trust-management framework. In Proc. of IEEE Symposium on Security and Privacy, pages 114-130, 2002.
20. P. Loscocco, S. Smalley, P. Muckelbauer, R. Taylor, J. Turner, and J. Farrell. The inevitability of failure: The flawed assumption of computer security in modern computing environments. In Proceedings of the National Information Systems Security Conference, October 1998.
21. abc usage control model. ACM Transactions on Information and Systems Security, 7(1):128-174, February 2004.
22. A. Pretschner, M. Hilty, and D. Basin. Distributed usage control. Communications of the ACM, (9):39-44, 2006.
23. J. F. Reid and W. J. Caelli. Drm, trusted computing and operating system architecture. In Australasian Information Security Workshop, 2005.
24. R. Sailer, T. Jaeger, X. Zhang, and L. van Doorn. Attestation-based policy enforcement for remote access. In Proceedings of ACM Conference on Computer and Communication Security, 2004.
25. R. Sailer, X. Zhang, T. Jaeger, and L. van Doorn. Design and implementation of a TCG-based integrity measurement architecture. In USENIX Security Symposium, pages 223-238, 2004.
26. R. Sandhu. Good-enough security: Toward a pragmatic business-driven discipline. IEEE Internet Computing, (1):66-68, 2003.
27. R. Sandhu, K. Ranganathan, and X. Zhang. Secure information sharing enabled by trusted computing and PEI models. In Proc. of ACM Symposium on Information, Computer, and Communication Security, 2006.
28. TCG TPM. Main part 1 design principles specification version 1.2, https://www.trustedcomputinggroup.org.