Title :
Research on Usage Control Model with Delegation Characteristics Based on OM-AM Methodology
Author :
Zhang, Zhiyong ; Yang, Lin ; Pei, Qingqi ; Ma, Jianfeng
Author_Institution :
Xidian Univ., Xian
Abstract :
UCONABC is a basic framework of next generation access control policy Usage Control that is composed of Authorization-oBlige-Condition components, but so far it lacks of important delegation characteristic. The paper analyses the behaviors of delegation in UCON based on OM-AM engineering principles, presents a formalized usage control model with delegation features using BNF Extensions, called as UCOND, and further articulates its hybrid architecture based on Client & Server Delegation Reference Monitors and relative key protocol functions. UCOND is an extension model of UCONABC in the aspect of delegation authorization, and it resolves the delegation question of Usage Control Model. Moreover, we specify delegation procedure of an application for Digital Medium Resource Distribution System.
Keywords :
authorisation; authorization-oblige-condition components; delegation characteristics; digital medium resource distribution system; formalized usage control; next generation access control policy; usage control model; Access control; Access protocols; Authorization; Design engineering; Environmental management; Information security; Laboratories; Mechanical factors; Parallel processing; Resource management;
Conference_Titel :
Network and Parallel Computing Workshops, 2007. NPC Workshops. IFIP International Conference on
Conference_Location :
Liaoning
Print_ISBN :
978-0-7695-2943-1
DOI :
10.1109/NPC.2007.103
