IIT Home Page CNR Home Page

Enforcement of U-XACML History-Based Usage Control Policy

Usage Control policies have been introduced to overcome issues related to the usage of resources. Indeed, a Usage Control policy takes into account attributes of subjects and resources which change over time. Hence, the policy is continuously enforced while an action is performed on a resource, and it is re-evaluated at every context change. This permits to revoke the access to a resource as soon as the new context violates the policy. The Usage Control model is very flexible, and mutable attributes can be exploited also to make a decision based on the actions that have been previously authorized and executed. This paper presents a history-based variant of U-XACML policies composed via process algebra-like operators in order to take trace of past actions made on resources by the subjects. In particular, we present a formalization of our idea through a process algebra and the enhanced logical architecture to enforce such policies.

STM 2016 (ESORICS workshop), Hiraklion, Grecia, 2016

IIT authors:

Type: Contributo in atti di convegno
Field of reference: Computer Science & Engineering

File: main.pdf

Activity: Metodi formali per la sicurezza di sistemi ICT