A trustworthy usage control enforcement framework

Ricardo Neisse, Alexander Pretschner, Valentina Di Giacomo

Research output: Contribution to journalArticlepeer-review

7 Scopus citations

Abstract

Usage control policies specify restrictions on the handling of data after access has been granted. The authors present the design and implementation of a framework for enforcing usage control requirements and demonstrate its genericity by instantiating it to two different levels of abstraction, those of the operating system and an enterprise service bus. This framework consists of a policy language, an automatic conversion of policies into enforcement mechanisms, and technology implemented on the grounds of trusted computing technology that makes it possible to detect tampering with the infrastructure. The authors show how this framework can, among other things, be used to enforce separation-of-duty policies. The authors provide a performance analysis.

Original languageEnglish
Pages (from-to)34-49
Number of pages16
JournalInternational Journal of Mobile Computing and Multimedia Communications
Volume5
Issue number3
DOIs
StatePublished - Jul 2013

Keywords

  • Framework
  • Policy Enforcement
  • Security
  • Trusted Computing
  • Usage Control

Fingerprint

Dive into the research topics of 'A trustworthy usage control enforcement framework'. Together they form a unique fingerprint.

Cite this