D.3.2 – State of the art of purpose-based, usage control approaches

Abstract : Federation of plugs makes users real owners of their data i.e., there is no a third party provider that hosts personal data with a service agreement. This allows end-users to define their own policies for their data and services. Therefore, data can be shared with personal policies specifying what can be done and what is forbidden, without depending on a collaboration provider. Consequently, it prevents information asymmetry problems and abusive usage of personal data. Our work focuses on the problem of: "How to ensure usage control in community-regulated federations"? This problem is related to usage control (UCON) [PS02b, Zha06], a model that emerged recently as a so- lution for modern applications to preserve access control in open, distributed, heterogeneous, and network- connected environments. The particularities of UCON are continuity of access decision evaluation and mutability of several properties (i.e., attributes of subjects or objects) considered during the access deci- sion. We consider that the evaluation of access decision should take into account policies of involved subjects (not only providers but also identified subjects) and eventual conflicts between concurrent users should be resolved. In this open, untrusted and federated network, we need another asset to guarantee a continuous access control. This asset is provenance [CCT09, MCF+11, CAB+14], which generally is identified as a meta-data that records the ancestry, derivation, or history of some object, explaining it’s current state. We can use this information/meta-data for a more compact perception of the context, in which access may be granted or denied.
Liste complète des métadonnées

Cited literature [43 references]  Display  Hide  Download

https://hal.archives-ouvertes.fr/hal-01174210
Contributor : Yann Busnel <>
Submitted on : Wednesday, July 8, 2015 - 4:11:25 PM
Last modification on : Friday, August 17, 2018 - 2:34:02 PM
Document(s) archivé(s) le : Friday, October 9, 2015 - 11:10:21 AM

File

d32.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : hal-01174210, version 1

Collections

Citation

Georges Nassopoulos, Patricia Serrano-Alvarado, Pascal Molli, Emmanuel Desmontils. D.3.2 – State of the art of purpose-based, usage control approaches. [Technical Report] D3.2, LINA-University of Nantes. 2015. ⟨hal-01174210⟩

Share

Metrics

Record views

1841

Files downloads

301