Abstract
A server-side architecture is used to connect specialized enforcement mechanisms with distributed usage control requirements and policies. The fundamentals of usage control in the notions of provisions, obligations, and compensations in the context of controllability and observability are discussed. The given architecture is compatible with different client-side software enforcement mechanisms including trusted platform technologies and other digital rights management (DRM) mechanisms. Trusted platform technology can be used as a mechanism to control obligations. The high-level policies specifies obligations and provisions that encompasses access control requirement and provisional actions. A compensation management component is used to monitor the obligations to find whether they are violated and thereby necessary actions could be taken for its prevention. The data object is modified in the controllable obligations to enable the trusted systems handle the respective requirements.
Original language | English |
---|---|
Pages (from-to) | 39-44 |
Number of pages | 6 |
Journal | Communications of the ACM |
Volume | 49 |
Issue number | 9 |
DOIs | |
State | Published - 2006 |
Externally published | Yes |