TITLE:
The Package Concept for Enforcing Usage Control
AUTHORS:
Patricia Ghann, Changda Wang, Conghua Zhou
KEYWORDS:
Access Control; Usage Control; Policies; Obligation; User or Subject; Biometric Finger Print; Logic Bomb; Remote Client
JOURNAL NAME:
Journal of Information Security,
Vol.4 No.2,
April
23,
2013
ABSTRACT:
Access and usage control is a major challenge in information and
computer security in a distributed network connected environment. Many models
have been proposed such as traditional access control and UCONABC. Though these
models have achieved their objectives in some areas, there are some issues both
have not dealt with. The issue of what happens to a resource once it has been
accessed rightfully. In view of this, this paper comes out with how to control
resource usage by a concept known as the package concept. This concept can be
implemented both with internet connection and without the internet connection
to ensure continual control of resource. It packages the various types of resources
with the required policies and obligations that pertain to the use of these
different resources. The package concept of ensuring usage control focuses on
resource by classifying them into three: Intellectual, sensitive and non-sensitive
resources. Also this concept classifies access or right into three as: access
to purchase, access to use temporally online and access to modify. The concept
also uses biometric mechanism such as fingerprints for authentication to check
redistribution of resource and a logic bomb to help ensure the fulfillment of
obligations.