Abstract
Usage control policies specify restrictions on the handling of data after access has been granted. The authors present the design and implementation of a framework for enforcing usage control requirements and demonstrate its genericity by instantiating it to two different levels of abstraction, those of the operating system and an enterprise service bus. This framework consists of a policy language, an automatic conversion of policies into enforcement mechanisms, and technology implemented on the grounds of trusted computing technology that makes it possible to detect tampering with the infrastructure. The authors show how this framework can, among other things, be used to enforce separation-of-duty policies. The authors provide a performance analysis.
Original language | English |
---|---|
Pages (from-to) | 34-49 |
Number of pages | 16 |
Journal | International Journal of Mobile Computing and Multimedia Communications |
Volume | 5 |
Issue number | 3 |
DOIs | |
State | Published - Jul 2013 |
Keywords
- Framework
- Policy Enforcement
- Security
- Trusted Computing
- Usage Control