IIT Home Page CNR Home Page

A Survey of Usage Control in Computer Security

Protecting access to digital resources is one of the fundamental problems recognized in the computer security. It yet remains a challenging problem to work out starting from the design of a system till its implementation. Access control is deØned as the ability to permit or deny to access a particular resource (object) to a particular entity (subject). Three most widely used traditional access control models are: Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role Based Access Control (RBAC). Traditional access control solutions do not respond adequately to new challenges addressed by modern computer systems. Today highly-distributed, network-connected, heterogeneous and open computing environment requires a Øne-grained, ∞exible, persistent and continuous model for protecting the access and usage of digital resources.   This paper surveys the literature on Usage Control (UCON) model proposed by R. Sandhu and J. Park [1, 2, 3]. Usage control is the novel and promising approach for access control in open, distributed, heterogeneous and network-connected computer environments. It encompasses and enhances traditional access control models, Trust Management (TM) and Digital Rights Management (DRM), and its main novelties are mutability of attributes and continuity of access decisions evaluation.
Computer Science Review - Elsevier, 2010

Autori IIT:

Aliaksandr Lazouski

Foto di Aliaksandr Lazouski

Tipo: Articoli su riviste non ISI con referee internazionali
Area di disciplina: Information Technology and Communication Systems

File: elsarticle-template-num.pdf

Attività: Architetture, protocolli e meccanismi di sicurezza per sistemi e servizi distribuiti