Usage Control: A Vision for Next Generation Access Control - Computer Network Security

Information Technology Reference

In-Depth Information

obligations is true. The UCON preB 1 and UCON preB 3 add preUpdate ( AT T ( s )),

preUpdate ( AT T ( o )) and postUpdate ( AT T ( s )), postUpdate ( AT T ( o )) procedu-

res respectively. The preUpdate procedure could be used to mark a subject

as registered so the contact information is requested only the first time the

subject attempts to access a white paper. The postUpdate procedure could be

used to monitor total usage of a resource by a subject, e.g., to require periodic

rearmation of a license agreement.

UCON onB - Ongoing-Obligations Models

The UCON onB models require obligations to be fulfilled while rights are exer-

cised. Ongoing-obligations may have to be fulfilled periodically or continuously.

For example, a user may have to click an advertisement at least every 30 minutes

or at every 20 Web pages. Alternatively, a user may have to leave an advertise-

ment window active all the time. Note that this concern is about when users have

to fulfill obligations, not about when the system actually checks the fulfillments.

Actual obligation verification intervals can vary and are not prescribed by the

model.

UCON preC - Pre-conditions Model

As described earlier, conditions define environmental and system restrictions on

usage. These are not directly related to subjects and objects.

Definition 5. The UCON preC 0

model has the following components:

- S, O, R, AT T ( S ) , and AT T ( O ) are not changed from UCON preA ;

- preCON (a set of pre-conditions elements);

preConChecked : preCON

→{

true, false

}

;

2 preCON ;

- getP reCON : S

×

O

×

R

→

( s, o, r )= preCon i ∈getPreCON ( s,o,r ) preConChecked ( preCon i )

- pre

C

- allowed ( s, o, r )

⇒

pre

C

( s, o, r ).

Unlike other ABC models, condition models cannot have update procedures.

Checking the time-of-day before access is allowed is an example of UCON preC 0 .

Checking the location of the client in cyberspace is another example.

UCON onC - Ongoing-conditions Model

Enforcement of conditions while rights are in active use is supported by the

UCON onC model by means of the on

C

predicate. For example, if the system

status changes to 'emergency mode' access by certain kinds of users may be

terminated. Likewise if the system load exceeds a specified value access may be

aborted.

Computer Network Security

Search WWH ::

Custom Search

Home