Representation-independent data usage control

Alexander Pretschner; Enrico Lovat; Matthias Büchler

doi:10.1007/978-3-642-28879-1_9

Representation-independent data usage control

Alexander Pretschner, Enrico Lovat, Matthias Büchler

Humanoid Technologies Lab (H2T)

Publikation: Beitrag in Buch/Bericht/Konferenzband › Konferenzbeitrag › Begutachtung

21 Zitate (Scopus)

Abstract

Usage control is concerned with what happens to data after access has been granted. In the literature, usage control models have been defined on the grounds of events that, somehow, are related to data. In order to better cater to the dimension of data, we extend a usage control model by the explicit distinction between data and representation of data. A data flow model is used to track the flow of data in-between different representations. The usage control model is then extended so that usage control policies can address not just one single representation (e.g., delete file1.txt after thirty days) but rather all representations of the data (e.g., if file1.txt is a copy of file2.txt, also delete file2.txt). We present three proof-of-concept implementations of the model, at the operating system level, at the browser level, and at the X11 level, and also provide an ad-hoc implementation for multi-layer enforcement.

Originalsprache	Englisch
Titel	Data Privacy Management and Autonomous Spontaneous Security - 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Revised Selected Papers
Herausgeber (Verlag)	Springer Verlag
Seiten	122-140
Seitenumfang	19
ISBN (Print)	9783642288784
DOIs	https://doi.org/10.1007/978-3-642-28879-1_9
Publikationsstatus	Veröffentlicht - 2012
Extern publiziert	Ja
Veranstaltung	6th International Workshop on Data Privacy Management, DPM 2011 and 4th SETOP International Workshop on Autonomous and Spontaneous Security, SETOP 2011 - Leuven, Belgien Dauer: 15 Sept. 2011 → 16 Sept. 2011

Publikationsreihe

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Band	7122 LNCS
ISSN (Print)	0302-9743
ISSN (elektronisch)	1611-3349

Konferenz

Konferenz	6th International Workshop on Data Privacy Management, DPM 2011 and 4th SETOP International Workshop on Autonomous and Spontaneous Security, SETOP 2011
Land/Gebiet	Belgien
Ort	Leuven
Zeitraum	15/09/11 → 16/09/11

Zugriff auf Dokument

10.1007/978-3-642-28879-1_9

Andere Dateien und Links

Verknüpfung zur Publikation in Scopus

Dieses zitieren

Pretschner, A., Lovat, E., & Büchler, M. (2012). Representation-independent data usage control. in Data Privacy Management and Autonomous Spontaneous Security - 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Revised Selected Papers (S. 122-140). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Band 7122 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-642-28879-1_9

Pretschner, Alexander ; Lovat, Enrico ; Büchler, Matthias. / Representation-independent data usage control. Data Privacy Management and Autonomous Spontaneous Security - 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Revised Selected Papers. Springer Verlag, 2012. S. 122-140 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{1b8d3f4293344260bc36cfee8bac1720,

title = "Representation-independent data usage control",

abstract = "Usage control is concerned with what happens to data after access has been granted. In the literature, usage control models have been defined on the grounds of events that, somehow, are related to data. In order to better cater to the dimension of data, we extend a usage control model by the explicit distinction between data and representation of data. A data flow model is used to track the flow of data in-between different representations. The usage control model is then extended so that usage control policies can address not just one single representation (e.g., delete file1.txt after thirty days) but rather all representations of the data (e.g., if file1.txt is a copy of file2.txt, also delete file2.txt). We present three proof-of-concept implementations of the model, at the operating system level, at the browser level, and at the X11 level, and also provide an ad-hoc implementation for multi-layer enforcement.",

author = "Alexander Pretschner and Enrico Lovat and Matthias B{\"u}chler",

year = "2012",

doi = "10.1007/978-3-642-28879-1_9",

language = "English",

isbn = "9783642288784",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "122--140",

booktitle = "Data Privacy Management and Autonomous Spontaneous Security - 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Revised Selected Papers",

note = "6th International Workshop on Data Privacy Management, DPM 2011 and 4th SETOP International Workshop on Autonomous and Spontaneous Security, SETOP 2011 ; Conference date: 15-09-2011 Through 16-09-2011",

}

Pretschner, A, Lovat, E & Büchler, M 2012, Representation-independent data usage control. in Data Privacy Management and Autonomous Spontaneous Security - 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Bd. 7122 LNCS, Springer Verlag, S. 122-140, 6th International Workshop on Data Privacy Management, DPM 2011 and 4th SETOP International Workshop on Autonomous and Spontaneous Security, SETOP 2011, Leuven, Belgien, 15/09/11. https://doi.org/10.1007/978-3-642-28879-1_9

Representation-independent data usage control. / Pretschner, Alexander; Lovat, Enrico; Büchler, Matthias.
Data Privacy Management and Autonomous Spontaneous Security - 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Revised Selected Papers. Springer Verlag, 2012. S. 122-140 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Band 7122 LNCS).

Publikation: Beitrag in Buch/Bericht/Konferenzband › Konferenzbeitrag › Begutachtung

TY - GEN

T1 - Representation-independent data usage control

AU - Pretschner, Alexander

AU - Lovat, Enrico

AU - Büchler, Matthias

PY - 2012

Y1 - 2012

N2 - Usage control is concerned with what happens to data after access has been granted. In the literature, usage control models have been defined on the grounds of events that, somehow, are related to data. In order to better cater to the dimension of data, we extend a usage control model by the explicit distinction between data and representation of data. A data flow model is used to track the flow of data in-between different representations. The usage control model is then extended so that usage control policies can address not just one single representation (e.g., delete file1.txt after thirty days) but rather all representations of the data (e.g., if file1.txt is a copy of file2.txt, also delete file2.txt). We present three proof-of-concept implementations of the model, at the operating system level, at the browser level, and at the X11 level, and also provide an ad-hoc implementation for multi-layer enforcement.

AB - Usage control is concerned with what happens to data after access has been granted. In the literature, usage control models have been defined on the grounds of events that, somehow, are related to data. In order to better cater to the dimension of data, we extend a usage control model by the explicit distinction between data and representation of data. A data flow model is used to track the flow of data in-between different representations. The usage control model is then extended so that usage control policies can address not just one single representation (e.g., delete file1.txt after thirty days) but rather all representations of the data (e.g., if file1.txt is a copy of file2.txt, also delete file2.txt). We present three proof-of-concept implementations of the model, at the operating system level, at the browser level, and at the X11 level, and also provide an ad-hoc implementation for multi-layer enforcement.

UR - http://www.scopus.com/inward/record.url?scp=84864071745&partnerID=8YFLogxK

U2 - 10.1007/978-3-642-28879-1_9

DO - 10.1007/978-3-642-28879-1_9

M3 - Conference contribution

AN - SCOPUS:84864071745

SN - 9783642288784

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 122

EP - 140

BT - Data Privacy Management and Autonomous Spontaneous Security - 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Revised Selected Papers

PB - Springer Verlag

T2 - 6th International Workshop on Data Privacy Management, DPM 2011 and 4th SETOP International Workshop on Autonomous and Spontaneous Security, SETOP 2011

Y2 - 15 September 2011 through 16 September 2011

ER -

Pretschner A, Lovat E, Büchler M. Representation-independent data usage control. in Data Privacy Management and Autonomous Spontaneous Security - 6th International Workshop, DPM 2011, and 4th International Workshop, SETOP 2011, Revised Selected Papers. Springer Verlag. 2012. S. 122-140. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-642-28879-1_9

Representation-independent data usage control

Abstract

Publikationsreihe

Konferenz

Zugriff auf Dokument

Andere Dateien und Links

Fingerprint

Dieses zitieren