{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,10]],"date-time":"2026-06-10T16:38:24Z","timestamp":1781109504954,"version":"3.54.1"},"reference-count":25,"publisher":"IGI Global Scientific Publishing","issue":"3","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013,7,1]]},"abstract":"<p>Usage control policies specify restrictions on the handling of data after access has been granted. The authors present the design and implementation of a framework for enforcing usage control requirements and demonstrate its genericity by instantiating it to two different levels of abstraction, those of the operating system and an enterprise service bus. This framework consists of a policy language, an automatic conversion of policies into enforcement mechanisms, and technology implemented on the grounds of trusted computing technology that makes it possible to detect tampering with the infrastructure. The authors show how this framework can, among other things, be used to enforce separation-of-duty policies. The authors provide a performance analysis.<\/p>","DOI":"10.4018\/jmcmc.2013070103","type":"journal-article","created":{"date-parts":[[2013,8,19]],"date-time":"2013-08-19T12:16:20Z","timestamp":1376914580000},"page":"34-49","source":"Crossref","is-referenced-by-count":6,"title":["A Trustworthy Usage Control Enforcement Framework"],"prefix":"10.4018","volume":"5","author":[{"given":"Ricardo","family":"Neisse","sequence":"first","affiliation":[{"name":"Information Systems Quality (ISQ), Fraunhofer IESE, Kaiserslautern, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Alexander","family":"Pretschner","sequence":"additional","affiliation":[{"name":"Department of Computer Science, TU M\u00fcnchen, Garching, Germany"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Valentina","family":"Di Giacomo","sequence":"additional","affiliation":[{"name":"Engineering Ingegneria Informatica, Rome, Italy"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"2432","reference":[{"key":"jmcmc.2013070103-0","unstructured":"Apache. (2011). The apache software foundation - ServiceMix. Retrieved from http:\/\/servicemix.apache.org"},{"key":"jmcmc.2013070103-1","doi-asserted-by":"crossref","unstructured":"Dax, C., Klaedtke, F., & Lange, M. (2009). On regular temporal logics with past. In Proceedings of the 36th International Colloquium on Automata, Languages and Programming: Part ii (icalp). Berlin, Heidelberg, Germany: Springer-Verlag.","DOI":"10.1007\/978-3-642-02930-1_15"},{"key":"jmcmc.2013070103-2","unstructured":"Finney, H. (2011). Privacy ca. Retrieved from http:\/\/www.privacyca.com"},{"key":"jmcmc.2013070103-3","unstructured":"Garfinkel, T. (2003). Traps and pitfalls: Practical problems in system call interposition based security tools. In Proceedings of the Network and Distributed Systems Security Symposium."},{"key":"jmcmc.2013070103-4","doi-asserted-by":"crossref","unstructured":"Gheorghe, G., Neuhaus, S., & Crispo, B. (2010, Jun). xESB: An enterprise service bus for access and usage control policy enforcement. In the Proceedings of the Fourth International Conference on Trust Management (ifiptm10).","DOI":"10.1007\/978-3-642-13446-3_5"},{"key":"jmcmc.2013070103-5","unstructured":"Havelund, K., & Rosu, G. (2004, Aug). Efficient monitoring of safety properties. International Journal of Software Tools Technology Transfer."},{"key":"jmcmc.2013070103-6","doi-asserted-by":"crossref","unstructured":"Hilty, M., Pretschner, A., Basin, D., Schaefer, C., & Walter, T. (2007). A policy language for distributed usage control. In Computer security (ESORIC 2007) (Vol. 4734).","DOI":"10.1007\/978-3-540-74835-9_35"},{"key":"jmcmc.2013070103-7","doi-asserted-by":"crossref","unstructured":"Katt, B., Zhang, X., Breu, R., Hafner, M., & Seifert, J.-P. (2008). A general obligation model and continuity: enhanced policy enforcement engine for usage control. In Proceedings of the 13th ACM Symposium on Access Control Models and Technologies.","DOI":"10.1145\/1377836.1377856"},{"key":"jmcmc.2013070103-8","doi-asserted-by":"crossref","unstructured":"Koymans, R., Vytopil, J., & de Roever, W. P. (1983). Real-time programming and asynchronous message passing. In Proceedings of the Second Annual ACM Symposium on Principles of Distributed Computing (PODC). New York, NY: ACM.","DOI":"10.1145\/800221.806721"},{"key":"jmcmc.2013070103-9","doi-asserted-by":"crossref","unstructured":"Kumari, P., Pretschner, A., Peschla, J., & Kuhn, J. (2011). Distributed data usage control for web applications: A social network implementation. In Proceedings 1st ACM Conference on Data and Application Security and Privacy (CODASPY). Retrieved from http:\/\/www22.in.tum.de","DOI":"10.1145\/1943513.1943526"},{"key":"jmcmc.2013070103-10","unstructured":"Laroussinie, F., Markey, N., & Schnoebelen, P. (2002). Temporal logic with forgettable past. In Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science (LICS). Washington, DC: IEEE Computer Society."},{"key":"jmcmc.2013070103-11","doi-asserted-by":"publisher","DOI":"10.1016\/j.jlap.2008.08.004"},{"key":"jmcmc.2013070103-12","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-88808-6_2"},{"key":"jmcmc.2013070103-13","unstructured":"MASTER. (2012). Managing assurance, security, and trust for services. Retrieved from http:\/\/www.master-fp7.eu"},{"key":"jmcmc.2013070103-14","doi-asserted-by":"crossref","unstructured":"Meredith, P. O., Jin, D., Griffith, D., Chen, F., & Rosu, G. (2011). An overview of the mop runtime verification framework. International Journal on Software Tools for Technology Transfer (STTT). Retrieved from http:\/\/fsl.cs.uiuc.edu","DOI":"10.1007\/s10009-011-0198-6"},{"key":"jmcmc.2013070103-15","doi-asserted-by":"crossref","unstructured":"Neisse, R., Holling, D., & Pretschner, A. (2011). Implementing trust in cloud infrastructures. In Proceedings of the 11th IEEE\/ACM International Conference on Cluster, Cloud and Grid Computing, CCGRID 2011. Retrieved from http:\/\/www22.in.tum.de","DOI":"10.1109\/CCGrid.2011.35"},{"key":"jmcmc.2013070103-16","doi-asserted-by":"crossref","unstructured":"Neisse, R., Pretschner, A., & Di Giacomo, V. (2011). A trustworthy usage control enforcement framework. In Proceedings of the Sixth International Conference on Availability, Reliability and Security (ARES 2011). Retrieved from http:\/\/ricardo.neisse.name","DOI":"10.1109\/ARES.2011.40"},{"key":"jmcmc.2013070103-17","unstructured":"OASIS. (2012). Open service component architecture (sca). Retrieved from http:\/\/www.oasis-opencsa.org\/sca"},{"key":"jmcmc.2013070103-18","doi-asserted-by":"publisher","DOI":"10.1145\/984334.984339"},{"key":"jmcmc.2013070103-19","unstructured":"Pretschner, A., Buechler, M., Harvan, M., Schaefer, C., & Walter, T. (2009). Usage control enforcement with data flow tracking for x11. In Proceedings of the 5th International Workshop on Security and Trust Management (pp. 124{137)."},{"key":"jmcmc.2013070103-20","doi-asserted-by":"crossref","unstructured":"Pretschner, A., Hilty, M., Basin, D., Schaefer, C., & Walter, T. (2008). Mechanisms for usage control. In Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security (ASIACCS).","DOI":"10.1145\/1368310.1368344"},{"key":"jmcmc.2013070103-21","doi-asserted-by":"crossref","unstructured":"Pretschner, A., Ruesch, J., Schaefer, C., & Walter, T. (2009). Formal analyses of usage control policies. In Proceedings of the International Conference on Availability, Reliability and Security (ARES).","DOI":"10.1109\/ARES.2009.100"},{"key":"jmcmc.2013070103-22","unstructured":"Provos, N. (2003). Improving host security with system call policies. In Proceedings of the 12th Usenix Security Symposium."},{"key":"jmcmc.2013070103-23","unstructured":"Rissanen, E. (2010). Extensible access control markup language v3.0. Retrieved from http:\/\/docs.oasis-open.org."},{"key":"jmcmc.2013070103-24","doi-asserted-by":"crossref","unstructured":"Twidle, K., Lupu, E., Dulay, N., & Sloman, M. (2008, June). Ponder2 \u2013 A policy environment for autonomous pervasive systems. In Proceedings of the IEEE Workshop on Policies for Distributed Systems and Network (POLICY) (p. 245-246).","DOI":"10.1109\/POLICY.2008.10"}],"container-title":["International Journal of Mobile Computing and Multimedia Communications"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=80426","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T14:37:12Z","timestamp":1654094232000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/jmcmc.2013070103"}},"subtitle":[""],"short-title":[],"issued":{"date-parts":[[2013,7,1]]},"references-count":25,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2013,7]]}},"URL":"https:\/\/doi.org\/10.4018\/jmcmc.2013070103","relation":{},"ISSN":["1937-9412","1937-9404"],"issn-type":[{"value":"1937-9412","type":"print"},{"value":"1937-9404","type":"electronic"}],"subject":[],"published":{"date-parts":[[2013,7,1]]}}}