Information Technology Reference
In-Depth Information
user requests certain digital information that includes some secret information
as well, SRM can pre-customize the requested objects before distribution so the
distributed version of the objects don't include any secret information. Any finer-
control on the distributed objects can be done by CRM at client side. In real
world applications, functional specifications of UCON reference monitor can be
divided into SRM and CRM in various ways based on the system's functional
and security requirements.
5 Conclusion
Classic access matrix based access control has been studied for over thirty years
with great attention from the information and computer security community.
Nevertheless, there is increasing realization that this model is not adequate for
modern application requirements. Researchers have studied various extensions to
classic access control concepts. These studies are specific to target problems and
thereby seemingly ad-hoc. Unlike these solutions, usage control is comprehensive
enough to encompass traditional access control and modern access control such
as digital rights management applications. We believe usage control will provide
a solid foundations for a robust framework for next generation access control.
References
1. Bell, D. and LaPadula, L.: Secure computer systems: Mathematical foundations
and model. MITRE Report, 2(2547) (November 1973)
2. Erickson, J.S.: Fair use, drm, and trusted computing. Communications of the ACM,
46(4) (2003) 34-39
3. Harrison, M.H., Ruzzo, W.L., and Ullman, J.D.: Protection in operating sys- tems.
Communications of the ACM, 19(8) (1976) 461-471
4. Security frameworks for open systems: Access control framework. Technical Report
ISO/IEC 10181-3, ISO (1996)
5. Jaehong Park, Ravi Sandhu, and James Schifalacqua: Security architectures for
controlled digital information dissemination. In Proceedings of 16th Annual Com-
puter Security Application Conference (December 2000)
6. Jaehong Park and Ravi Sandhu. Towards Usage Control Models: Beyond Tradi-
tional Access Control, In Proceedings of 7th ACM Symposium on Access Control
Models and Technologies (June 2002)
