Security Enforcement Model for Distributed Usage Control

Recently proposed usage control concept and models extend traditional access control models with features for contemporary distributed computing systems, including continuous access control in dynamic computing environments where subject attributes and system states can be changed. Particularly, this is very useful in specifying security requirements to control the usage of an object after it is released into a distributed environment, which is regarded as one of the fundamental security issues in many distributed systems. However, the enabling technology for usage control is a challenging problem and the space has not been fully explored yet. In this paper we identify the general requirements of a trusted usage control enforcement in heterogeneous computing environments, and then propose a general platform architecture and enforcement mechanism by following these requirements. According to our usage control requirements, we augment the traditional SELinux MAC enforcement mechanism by considering subject/object integrity and environmental information. The result shows that our framework is effective in practice and can be seen as a general solution for usage control in distributed and pervasive computing environments with widely deployed trusted computing technologies on various computing devices.