Context-Aware Policy Analysis for Distributed Usage Control

Bibliographic Details
Title: Context-Aware Policy Analysis for Distributed Usage Control
Authors: Gil, Gonzalo; Arnaiz, Aitor; Higuero Aperribay, María Victoria; Díez, Francisco Javier; Jacob Taquet, Eduardo
Publisher Information: MDPI
Publication Year: 2022
Collection: ADDI: Repositorio Institucional de la Universidad del País Vasco / Euskal Herriko Unibertsitatea (UPV/EHU - Basque Country University)
Subject Terms: data sovereignty, distributed usage control, policy quality, energy data, conditions
Description: To boost data spaces and benefit from the great opportunities that they present, data sovereignty must be provided by Distributed Usage Control (DUC). Assuming that DUC will be managed by implementing and enforcing policies, notable efforts have already been undertaken in the context of Access Control (AC) regarding policy analysis due to the impact of low-quality policies on security. In this regard, this paper proposes that policy analysis in the DUC context should be understood as an extension of the AC, which is further affected by other challenging features, chief among which are context-aware control and extended control through action requirements. This paper presents a novel Context-Aware Policy Analysis (CAPA) algorithm for detecting inconsistencies and redundancies for DUC policies by supporting a large set of heterogeneous conditions. In this regard, the dependent relationship of conditions is formulated, which will lead to more efficient conflict detection. By implementing this concept, a novel tree structure that combines a resource and a policy structure is presented to search for and compare relevant rules from policies. Built on the tree structure and through the formalization of rule conflicts, CAPA is developed and the security and performance it provides are tested in a wind energy use case. This research was partly supported by the project HODEI-X (KK-2021/00049), funded by SPRI-Basque Government through the ELKARTEK program.
Document Type: article in journal/newspaper
File Description: application/pdf
Language: English
Relation: https://www.mdpi.com/1996-1073/15/19/7113; Energies 15(19) : (2022) // Article ID 7113; https://hdl.handle.net/10810/58113
DOI: 10.3390/en15197113
Availability: https://hdl.handle.net/10810/58113; https://doi.org/10.3390/en15197113
Rights: info:eu-repo/semantics/openAccess ; http://creativecommons.org/licenses/by/4.0/ ; © 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Accession Number: edsbas.BCCE4B15
Database: BASE