TC: Usage Control Models, Architectures and Mechanisms Based on Integrating Authorizations, Obligations and Conditions
George Mason University, Fairfax VA
Investigators
Abstract
Abstract This project is developing a new approach called usage control to protection of information and system resources in cyberspace. In addition to the traditional concept of authorization (whereby access is authorized by explicit or implicit permissions and rights), usage control includes obligations (conditions which must be met before and during access) and conditions (environmental and system conditions). Usage control further recognizes continuity of access enforcement so the decision to allow access is not only made prior to access, but also while the access is underway. Finally, usage control recognizes the need for mutability whereby appropriate attributes need to be updated as access proceeds. This project will develop, refine and formalize models for usage control. It will consider applications from healthcare, digital rights management and electronic commerce domains. Concurrently it will investigate architectures for enforcing usage control. This research seeks to give clarity and intellectual cohesion to a variety of proposals to enhance the classic access matrix model. This intellectual foundation will in turn foster additional basic and applied research. The results of this research are being taught in existing GMU courses as they emerge. These results will influence and shape the next generation of access control systems.
View original record on NSF Award Search →