Monitors for Usage Control
Distributed usage control is concerned with controlling how data may or may not be used after it has been given away. One strategy for enforcing usage control requirements is based on monitoring data usage and reacting to policy violations by imposing penalties. We show how to implement monitors for usage control requirements using runtime verification technology.
KeywordsData Provider Usage Control Data Consumer Temporal Formula Exclusive Permission
- 2.S. Colin and L. Mariani. Model-Based Testing of Reactive Systems, chapter 18: Run-Time Verification, pages 525–555. LNCS 3472. 2005.Google Scholar
- 4.M. Geilen and D. Dams. An on-the-fly tableau construction for a real-time temporal logic. In Proc. 6th International Symposium on Formal Techniques in Real-Time and Fault-Tolerant Systems, LNCS 1926, pages 276–290, 2000.Google Scholar
- 5.M. Hilty, D. Basin, and A. Pretschner. On obligations. In 10th European Symposium on Research in Computer Security, LNCS 3679, pages 98–117, 2005.Google Scholar
- 6.M. Hilty, A. Pretschner, C. Schaefer, and T. Walter. A system model and an obligation lanugage for distributed usage control. Technical Report I-ST-20, DoCoMo Euro-Labs, 2006.Google Scholar
- 9.A. Pretschner, M. Hilty, and D. Basin. Distributed Usage Control. Communications of the ACM, September 2006.Google Scholar