IIT Home Page CNR Home Page

Enforcing UCON Policies on the Enterprise Service Bus

In enterprise applications, regulatory and business policies are shifting their semantic from access to usage control requirements. The aim of such policies is to constrain the usage of groups of resources based on complex conditions that require not only state-keeping but also automatic reaction to state changes. We argue that these policies instantiate usage control requirements that can be enforced at the infrastructure layer. Extending a policy language that we prove equivalent to an enhanced version of the UCON model, we build on an instrumented message bus to enact these policies.


Lecture notes in computer science, 2010

External authors: Gabriela Gheorghe (Università di Trento), Bruno Crispo (Università di Trento)
IIT authors:

Type: Article in non-ISI Journal with international referees
Field of reference: Information Technology and Communication Systems

Activity: Sicurezza di dispositivi mobili