Downstream usage control

Proceedings - 2010 IEEE International Symposium on Policies for Distributed Systems and Networks, Policy 2010

Volumn , Issue , 2010, Pages 22-29

  Bussard, Laurent ^a   Neven, Gregory ^b   Preiss, Franz Stefan ^b  

^a MICROSOFT   (United States)

^b IBM RESEARCH ZURICH   (Switzerland)

Author keywords

Data sharing; Policy languages; Privacy; Usage control

Indexed keywords

ACCESS CONTROL; COPYRIGHTS; WEB SERVICES;

DATA SHARING; DIGITAL RIGHTS MANAGEMENT; FINE GRAINED; POLICY LANGUAGE; SENSITIVE PERSONAL INFORMATIONS; USAGE CONTROL;

DATA PRIVACY;

EID: 79951911954     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/POLICY.2010.17     Document Type: Conference Paper

References (18)

1. C. A. Ardagna, M. Cremonini, S. De Capitani di Vimercati, and P. Samarati, "A privacy-aware access control system," J. Comput. Secur., vol. 16, no. 4, pp. 369-397, 2008.
2. P. Ashley, S. Hada, G. Karjoth, C. Powers, and M. Schunter, "Enterprise privacy authorization language (EPAL 1.2)," 2003.
3. M. Y. Becker, C. Fournet, and A. D. Gordon, "SecPAL: Design and semantics of a decentralized authorization language," Journal of Computer Security, 2009.
4. M. Y. Becker, A. Malkis, and L. Bussard, "MSR-TR-2009-128: A framework for privacy preferences and data-handling policies," Tech. Rep., September 2009.
5. P. Bonatti and P. Samarati, "A unified framework for regulating access and information release on the web," Journal of Computer Security, vol. 10, no. 3, pp. 241-272, 2002.
6. L. Bussard, G. Neven, and F.-S. Preiss, "Downstream usage control," IBM Research Zurich, Tech. Rep. RZ 3777, 2010, available at domino.research.ibm.com/library/cyberdig.nsf.
7. ContentGuard, "XrML 2.0 Technical Overview," http://www.xrml.org/reference/XrMLTechnicalOverviewV1.pdf, 2002.
8. M. Hilty, D. Basin, and A. Pretschner, "On obligations," Lecture Notes in Computer Science, vol. 3679, pp. 98-117, 2005.
9. M. Hilty, A. Pretschner, D. Basin, C. Schaefer, and T. Walter, "A policy language for distributed usage control," in 12th European Symposium on Research in Computer Security (ESORICS 2007), ser. LNCS, J. Biskup and J. Lopez, Eds., vol. 4734. Springer-Verlag, 2007, pp. 531-546.
10. T. Moses, "OASIS eXtensible Access Control Markup Language (XACML) Version 2.0," OASIS, OASIS Standard oasis-access-control-xacml-2.0-core- spec-os, February 2005.
11. ODRL, "Open Digital Rights Language (ODRL), version 1.1," 2002. [Online]. Available: http://www.odrl.net/1.1/ODRL-11.pdf
12. J. Park and R. Sandhu, "The UCONABC usage control model," ACM Trans. Inf. Syst. Secur., vol. 7, no. 1, pp. 128-174, 2004.
13. A. Pretschner, F. Schütz, C. Schaefer, and T. Walter, "Policy evolution in distributed usage control," in 4th Intl. Workshop on Security and Trust Management. Elsevier, June 2008.
14. N. Qun, X. Shouhuai, B. Elisa, S. Ravi, and H. Weili, "An access control language for a general provenance model," in Proceedings of SDM 2009, 2009, pp. 68-88.
15. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman, "Role-based access control models," IEEE Computer, vol. 29, no. 2, pp. 38-47, 1996.
16. W3C, "A P3P preference exchange language 1.0 (AP-PEL1.0)," 2002.
17. -, "The platform for privacy preferences 1.1 (P3P1.1) specification," November 2006.
18. X. Wang, "Mpeg-21 rights expression language: Enabling interoperable digital rights management," IEEE MultiMedia, vol. 11, no. 4, pp. 84-87, 2004. (Pubitemid 40527352)