Alexander Pretschner - Distributed Data-Driven Usage Control
Usage Control generalizes access control to what happens to data after it
has been given away. Requirements include "don't disseminate," "delete after
thirty days", "at most three copies," and "use for statistical purposes
only." At a conceptual level, we discuss requirements, policies [1], and the
problem of defining statements such as "don't delete my data" - what is
deletion, and what is data [4]? We then argue that one is usually interested
in enforcing [2] policies on all representations of a data item (a picture
can come as network packets, a Java object, a cache file, a pixmap) and show
how to perform cross-layer [3] and cross-system [5] data flow tracking of
usage control policies. We present implementations for various operating
systems, applications such as browsers and email clients, and for a video
surveillance system.
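The abstract's central point is that a policy such as "at most three copies" or "don't disseminate" must be checked against every representation of a data item, not just the file it arrived as, and that deleting one representation does not satisfy "delete after thirty days" while others remain. The following toy tracker illustrates that idea; it is an added example for this page, not code from the cited papers or their implementations. The storage function (container to set of data items), the container names, the integer clock and the policy fields are assumptions chosen for the illustration.

```python
"""Toy representation-independent data-flow tracker with usage-control policies.

Added illustration for this page, not code from the cited papers: a data item
(say a photo) may live in many containers at once (a file, a viewer process, a
cache, a socket), and policies such as "at most three copies", "don't
disseminate" and "delete after thirty days" are checked against all of them.
Container names, the clock unit and the policy fields are assumptions.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set


class PolicyViolation(Exception):
    """Raised when an event would violate a policy; the event is inhibited."""


@dataclass
class Policy:
    data: str
    max_copies: Optional[int] = None    # "at most N copies" across all containers
    no_dissemination: bool = False      # "don't disseminate": no flow into a remote container
    delete_after: Optional[int] = None  # "delete after T": all copies gone by entry time + T


@dataclass
class Tracker:
    # storage function: container -> data items of which it holds some representation
    storage: Dict[str, Set[str]] = field(default_factory=dict)
    remote: Set[str] = field(default_factory=set)             # containers outside this system
    policies: Dict[str, Policy] = field(default_factory=dict)
    first_seen: Dict[str, int] = field(default_factory=dict)  # data -> time it entered the system

    def add_policy(self, policy: Policy) -> None:
        self.policies[policy.data] = policy

    def copies(self, data: str) -> int:
        """Number of containers currently holding any representation of `data`."""
        return sum(1 for held in self.storage.values() if data in held)

    def store(self, data: str, container: str, now: int) -> None:
        """A data item enters the system in `container` (e.g. a file is downloaded)."""
        self.storage.setdefault(container, set()).add(data)
        self.first_seen.setdefault(data, now)

    def flow(self, src: str, dst: str) -> Set[str]:
        """Everything in `src` flows to `dst` (read/write, send, paste, cache, ...).

        Enforced by inhibition: if any item in `src` would violate its policy by
        appearing in `dst`, nothing flows and PolicyViolation is raised.
        Returns the set of data items that flowed.
        """
        moving = set(self.storage.get(src, set()))
        already = self.storage.get(dst, set())
        for data in moving:
            policy = self.policies.get(data)
            if policy is None or data in already:
                continue  # unpoliced data, or dst already holds it (no new copy)
            if policy.no_dissemination and dst in self.remote:
                raise PolicyViolation(f"{data}: {src} -> {dst} would disseminate it")
            if policy.max_copies is not None and self.copies(data) + 1 > policy.max_copies:
                raise PolicyViolation(f"{data}: {src} -> {dst} would exceed {policy.max_copies} copies")
        self.storage.setdefault(dst, set()).update(moving)
        return moving

    def delete(self, container: str) -> None:
        """Deleting a container removes that representation only; other copies remain."""
        self.storage.pop(container, None)

    def overdue(self, now: int) -> List[str]:
        """Data items whose 'delete after' deadline has passed while copies still exist."""
        late = []
        for data, policy in self.policies.items():
            if policy.delete_after is None or data not in self.first_seen:
                continue
            if now > self.first_seen[data] + policy.delete_after and self.copies(data) > 0:
                late.append(data)
        return sorted(late)


def demo() -> dict:
    """Constructed scenario: a photo under 'at most 3 copies, no dissemination, delete after 30'."""
    t = Tracker(remote={"socket:peer"})
    t.add_policy(Policy("photo", max_copies=3, no_dissemination=True, delete_after=30))
    t.store("photo", "file:photo.jpg", now=0)
    t.flow("file:photo.jpg", "mem:viewer")         # 2nd representation: pixmap in the viewer
    t.flow("mem:viewer", "file:cache/thumb")       # 3rd representation: thumbnail cache
    outcome = {"copies_after_cache": t.copies("photo")}
    try:
        t.flow("file:cache/thumb", "file:backup")  # would be a 4th copy
        outcome["fourth_copy"] = "allowed"
    except PolicyViolation:
        outcome["fourth_copy"] = "inhibited"
    try:
        t.flow("mem:viewer", "socket:peer")        # would leave the system
        outcome["send"] = "allowed"
    except PolicyViolation:
        outcome["send"] = "inhibited"
    t.delete("file:photo.jpg")                     # deleting the original file is not enough ...
    outcome["copies_after_delete"] = t.copies("photo")
    outcome["overdue_at_31"] = t.overdue(now=31)   # ... the viewer and the cache still hold it
    t.delete("mem:viewer")
    t.delete("file:cache/thumb")
    outcome["overdue_after_full_delete"] = t.overdue(now=31)
    return outcome


if __name__ == "__main__":
    print(demo())
```

The scenario in `demo()` shows the two failure modes the abstract warns about: a policy checked only at the file layer would miss the viewer's pixmap and the thumbnail cache, so the copy bound would be exceeded and "delete after thirty days" would be reported satisfied while copies remain. Real systems replace the toy `flow` events with monitored system calls, browser or mail-client events and network transfers, which is what the cross-layer and cross-system tracking in [3] and [5] is about.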
Readings:
- Demo videos
- [1] Hilty, M., Pretschner, A., Basin, D., Schaefer, C., Walter, T.: A Policy Language for Distributed Usage Control. Proc. 12th European Symp. on Research in Computer Security (ESORICS), pp. 531-546, Dresden, September 2007.
- [2] Pretschner, A., Hilty, M., Basin, D., Schaefer, C., Walter, T.: Mechanisms for Usage Control. Proc. ACM Symposium on Information, Computer & Communication Security (ASIACCS), pp. 240-245, Tokyo, March 2008.
- [3] Pretschner, A., Lovat, E., Büchler, M.: Representation-Independent Data Usage Control. Proc. 6th Intl. Workshop on Data Privacy Management, pp. 122-140, September 2011.
- [4] Kumari, P., Pretschner, A.: Model-Based Usage Control Policy Derivation. Proc. 5th Intl. Symp. on Engineering Secure Software and Systems (ESSOS), pp. 58-74, February 2013.
- [5] Kelbert, F., Pretschner, A.: Data Usage Control Enforcement in Distributed Systems. Proc. 3rd ACM Conf. on Data and Application Security and Privacy (CODASPY), pp. 71-82, February 2013.