Toward practical authorization-dependent user obligation systems

Murillo Pontual, Omar Chowdhury, William H. Winsborough, Ting Yu, Keith Irwin

Research output: Chapter in Book/Report/Conference proceedingConference contribution

6 Citations (Scopus)

Abstract

Many authorization system models include some notion of obligation. Little attention has been given to user obligations that depend on and affect authorizations. However, to be usable, the system must ensure users have the authorizations they need when their obligations must be performed. Prior work in this area introduced accountability properties that ensure failure to fulfill obligations is not due to lack of required authorizations. That work presented inconclusive and purely theoretical results concerning the feasibility of maintaining accountability in practice. The results of the current paper include algorithms and performance analysis that support the thesis that maintaining accountability in a reference monitor is reasonable in many applications.

Original languageEnglish
Title of host publicationProceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010
Pages180-191
Number of pages12
DOIs
Publication statusPublished - 16 Jul 2010
Event5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010 - Beijing, China
Duration: 13 Apr 201016 Apr 2010

Publication series

NameProceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010

Other

Other5th ACM Symposium on Information, Computer and Communication Security, ASIACCS 2010
CountryChina
CityBeijing
Period13/4/1016/4/10

Keywords

  • RBAC
  • accountability
  • authorization systems
  • obligations
  • policy

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Information Systems
  • Software

Cite this

Pontual, M., Chowdhury, O., Winsborough, W. H., Yu, T., & Irwin, K. (2010). Toward practical authorization-dependent user obligation systems. In Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010 (pp. 180-191). (Proceedings of the 5th International Symposium on Information, Computer and Communications Security, ASIACCS 2010). https://doi.org/10.1145/1755688.1755711