Specification of Usage Control Requirements
Bibek Shrestha
bibek.shrestha@tum.de
Table of Contents

1. Usage Control?
2. Obligation Specification Language (OSL)
3. Brief introduction to another Policy Language: Ponder.
4. Comparison between OSL and Ponder.
5. Analysis: compare OSL to other security languages
6. Conclusion.
7. Questions.
Concerns for data distribution
Once data is distributed, control is limited.
Concerns for Data Providers:
Privacy,
Intellectual Property,
Data Security,

Data Sender and Receiver need to agree to conditions.
Conditions for data distribution
Data is distributed on two kinds of conditions:
Conditions that must already be satisfied before data is given to a
receiver: Provisions
and
Conditions on future use of data: Obligations

Usage Control deals with Obligations
What is Usage Control?
Usage Control deals with
who and how,
must or must not,
allowed or not allowed,
to use the data after distribution.
Encompasses
Specification of conditions and control enforcement
mechanisms
Usage control requirements
Existing literature on notions of
Usage Control.
But,
Separately studied,
Closed source implementations,
Not defined precisely,
Lack of holistic system model for Usage Control.
Focus
Specification of conditions
Not into: control enforcement mechanisms
Languages Reviewed
Usage Control Specific:
Obligation Specification Language (OSL)
Another Policy Language
Policy
Obligation Specification Language does:
Analysis of policies
Does a set of mechanisms enforce a given policy?
Is a policy free of contradiction?
General purpose specification language for Usage Control
Combine "must" and "may" modality
Example: Allows DRM mechanisms for enforcing privacy policies
Interoperability between different DRM Mechanisms
and give a formal semantics to these languages
Obligation Specification Language

First order linear temporal logic
Formalized in 'Z'
OSL : Time Steps and Traces

Policies act upon a long period of time, which is divided into
discrete time portions called time steps.

A trace is the combination of these time steps as a whole. At
each time step of a trace, multiple events can happen.
OSL : Events
EventDecl Example:
{
(play, usage, {(object, ObjID), (device, DevID)}),
(backup, usage, {(object, ObjID), (device, DevID)}),
}

● Used interchangeably with action.
● Has (name, type, {parameter set})
● Event type can be either usage (usage of data) or other
(signalling, messaging or similar events)

● Parameters specify extra details about the event (e.g. the data
item the event is performed on)
OSL : Indexed Events
An event can last one or more time steps.
Efst - Indexed event with index start
Eall - All indexed events
with index ongoing

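[Figure: one event drawn across consecutive time steps. The 1st step is labelled start (Efst), the following steps are labelled ongoing, and Eall spans all steps.]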
OSL : Time Steps and Traces

(Alice, repmax(5, Efst((play, {(object, mov)}))))

mov can be played at most 5 times

(Alice, repmax(5, Eall((play, {(object, mov)}))))

mov must not be played for more than 5 time steps
Note the difference with the first example
OSL : Obligation formula
{
(Alice, permitonlyevname({play, backup}, {(object, mov)})),
(Alice, repmax(5, Eall((play, {(object, mov)})))),
(Alice, repmax(1, Efst((backup, {(object, mov)})))),
}

Each line is an obligation formula (SubjectID x Φ)
Obligation formulas are of two different forms:
1. Action Requirements (Mandatory Actions)
2. Usage Restrictions (Prohibiting Conditions)
OSL : Conditions in obligation formula
Circumstances under which the usage restrictions or action
requirements apply.
OSL : Operators (Informal Description)
Logical Operators: not(x), and(x,y), or(x,y), implies(x,y)
Eg: (Alice, not( Efst( (play, {(object, song.mp3)}) ) ))
Temporal Operators: until(x,y), after(n,x), during(n,x), within(n,x)
Eg: (Alice, after( 5, Efst(...) ) )
Cardinality Operators: replim(i,m,n,x), repuntil(n,x,y), repmax(n,x)
Eg: (Alice, replim(20, 5, 30, Efst ((playCommercial , {(stream, s)}))) )
Permit Operators: permitonlyevname(es,ps), permitonlyparam(pv,pn,es,ps)
Eg: (Alice, permitonlyevname({play, backup}, {(object, mov)}))
OSL : Syntax and Example
OSLPolicy = {EventDecl} x {OblFormula}
OblFormula = SubjectID x Φ
Example OSLPolicy
({
(play, usage, {(object, ObjID), (device, DevID)}),
(backup, usage, {(object, ObjID), (device, DevID)}),
}, {
(Alice, permitonlyevname({play, backup}, {(object, mov)})),
(Alice, repmax(5, Eall((play, {(object, mov)})))),
(Alice, repmax(1, Efst((backup, {(object, mov)})))),
})
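Added example (not from the original slides, and not OSL's formal Z semantics): a small finite-trace checker for the example policy above, showing why repmax over Efst and repmax over Eall give different verdicts on the same trace. The helper names, the subset rule for parameter matching and the constructed trace are assumptions; event types (usage/other) are left out.

```python
# Simplified finite-trace model of the slide's example policy (added example).
# A trace is a list of time steps; a time step is a list of indexed events.

START, ONGOING = "start", "ongoing"


def ev(name, index, **params):
    """Build one indexed event: (name, index, parameters)."""
    return (name, index, frozenset(params.items()))


def refines(event, name, params):
    """Assumed matching rule: same name, and every parameter named in the
    policy appears with the same value in the trace event."""
    return event[0] == name and frozenset(params.items()) <= event[2]


def efst(name, params):
    """Efst: true in a time step where the event occurs with index start."""
    return lambda step: any(e[1] == START and refines(e, name, params) for e in step)


def eall(name, params):
    """Eall: true in a time step where the event occurs with any index."""
    return lambda step: any(refines(e, name, params) for e in step)


def repmax(n, prop):
    """repmax(n, x): x may hold in at most n time steps of the trace."""
    def check(trace):
        hits = [t for t, step in enumerate(trace) if prop(step)]
        return len(hits) <= n, hits
    return check


def permitonlyevname(names, params):
    """Only the listed event names may occur with the given parameters."""
    wanted = frozenset(params.items())

    def check(trace):
        bad = [(t, e[0]) for t, step in enumerate(trace) for e in step
               if wanted <= e[2] and e[0] not in names]
        return not bad, bad
    return check


MOV = {"object": "mov"}

# Alice's three obligation formulas from the example policy.
POLICY = {
    "permitonlyevname({play, backup}, mov)": permitonlyevname({"play", "backup"}, MOV),
    "repmax(5, Eall(play mov))": repmax(5, eall("play", MOV)),
    "repmax(1, Efst(backup mov))": repmax(1, efst("backup", MOV)),
}


def evaluate(policy, trace):
    """Map each obligation formula to True (satisfied) or False (violated)."""
    return {label: check(trace)[0] for label, check in policy.items()}


def playback(steps, device="d1"):
    """Constructed data: one playback of mov lasting `steps` time steps."""
    return [[ev("play", START if i == 0 else ONGOING, object="mov", device=device)]
            for i in range(steps)]


# Constructed trace for Alice: a 3-step playback, an idle step,
# a second 3-step playback, then one backup.
TRACE = (playback(3) + [[]] + playback(3)
         + [[ev("backup", START, object="mov", device="d1")]])

if __name__ == "__main__":
    # Same trace, two counts: playbacks started vs. time steps spent playing.
    print("Efst(play):", repmax(5, efst("play", MOV))(TRACE))
    print("Eall(play):", repmax(5, eall("play", MOV))(TRACE))
    for label, ok in evaluate(POLICY, TRACE).items():
        print("satisfied" if ok else "VIOLATED ", label)
```

Each check returns the verdict together with the time steps (or offending events) that produced it, which is the evidence an observation-style mechanism would log.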
OSL : Translation from OSL to RELs
● OSL supports must and may modalities.
● OSL is more expressive than other RELs like XrML and ODRL
● Translation from OSL to ODRL and vice versa has been done.
Why? Three main reasons:
1. Give semantics to XrML, ODRL or any other RELs.
2. Intermediate translation language between RELs.
3. Utilize enforcement mechanisms existing for RELs.
OSL : Translation ODRLc to OSL
● A subset of Open Digital Rights Language (ODRL) called
ODRLcompact (ODRLc) chosen that does not include
concepts outside the scope of OSL.
● ODRLc specifies rights, which are of the may modality.
● All ODRLc licenses can be expressed in OSL.
OSL : Translation OSL to ODRLc
● Not all OSL expressions can be expressed in ODRLc.
● Difficult to identify which subset can be translated.
● Pragmatic approach: pattern matching is used, e.g.
(subid, repmax(n, Efst(ue))) is mapped to <count> expressions.
● Syntactic pattern matching requires obligations to be in an
implicitly defined canonical form. Slight variations will result
in a mismatch.
● Difficult and needs improvement.
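Added example, not from the slides or the OSL authors' translator: a sketch of the syntactic pattern match on (subid, repmax(n, Efst(ue))), showing that a logically equivalent variant fails to match until it is rewritten into the canonical shape. The tuple encoding of formulas, the function names and the element nesting around <count> are assumptions; the output is a simplified fragment, not schema-complete ODRL.

```python
# Added sketch of the syntactic OSL -> ODRLc mapping for one pattern.
# Formulas are nested tuples, e.g. ("repmax", 5, ("Efst", ("play", {...}))).
import xml.etree.ElementTree as ET


def match_count_pattern(phi):
    """Return (n, event_name, params) if phi is exactly repmax(n, Efst(ue))."""
    if not (isinstance(phi, tuple) and len(phi) == 3 and phi[0] == "repmax"):
        return None
    _, n, inner = phi
    if not (isinstance(n, int) and isinstance(inner, tuple)
            and len(inner) == 2 and inner[0] == "Efst"):
        return None
    name, params = inner[1]
    return n, name, params


def to_odrlc(obligation):
    """Translate one obligation formula, or return None on a mismatch."""
    subject, phi = obligation
    hit = match_count_pattern(phi)
    if hit is None:
        return None
    n, name, params = hit
    permission = ET.Element("permission")
    constraint = ET.SubElement(ET.SubElement(permission, name), "constraint")
    ET.SubElement(constraint, "count").text = str(n)
    return {
        "party": subject,
        "asset": params.get("object"),
        "permission": ET.tostring(permission, encoding="unicode"),
    }


def normalize(phi):
    """One canonicalisation rule: and(x, x) is logically the same as x."""
    if isinstance(phi, tuple) and len(phi) == 3 and phi[0] == "and":
        left, right = normalize(phi[1]), normalize(phi[2])
        return left if left == right else ("and", left, right)
    return phi


# Constructed obligations for the demonstration.
PLAY_MOV = ("play", {"object": "mov"})
CANONICAL = ("Alice", ("repmax", 5, ("Efst", PLAY_MOV)))
# Same meaning as CANONICAL, different syntax: and(x, x).
DUPLICATED = ("Alice", ("and", CANONICAL[1], CANONICAL[1]))
# Different meaning: Eall bounds time steps, not the number of playbacks.
ONGOING_VARIANT = ("Alice", ("repmax", 5, ("Eall", PLAY_MOV)))

if __name__ == "__main__":
    print(to_odrlc(CANONICAL))
    print(to_odrlc(DUPLICATED))                                   # mismatch
    print(to_odrlc((DUPLICATED[0], normalize(DUPLICATED[1]))))    # matches again
    print(to_odrlc(ONGOING_VARIANT))                              # no <count> form
```

The Eall variant stays untranslated even after normalization, which is the correct outcome: a bound on time steps is not a play count.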
Ponder
October 2000
Strongly typed, Object Oriented Language.
Used for Policy Specification.
Policies do not clearly focus on Provisions and Obligations.
Strong focus on Policy Expression, Management and
Organization with Roles and Relationships.
Declarative language, leaves implementation for other
programming languages.
Problems addressed by Ponder
1. Declare delegatable policies.
2. Support policies relating to large collection of objects,
possibly millions.
3. Composite policies that group basic policies according to
roles, organizational units, etc.
4. Analyze conflicting policies.
5. Simple extension of policies with Inheritance.
Ponder : Policy definition
● A policy is a collection of one or more rules.
● Policy is defined as methods in interface definition language.
Example:
Ponder : Policy type and instance
● Policy type is a template.
● A policy instance is derived from a Policy type, also can be
defined directly.
● Instance defines the real policy.
● Policy Type and Policy Instance are analogous to Class and
Object Instance in Object oriented languages.
Ponder : Policy Categorization
● Basic Policies
Contains only policy elements, no children policies.
○ Authorization Policies
○ Obligation Policies
○ Refrain Policies
○ Delegation Policies
● Composite Policies
Contains children policies. Main idea is organization.
○ Group, Roles, Relationships, Management Structures
Ponder : Obligation Policies
Specify actions that must be performed on a set of target objects
when an event occurs.
Example

states that when Steven’s temperature exceeds 37 degrees, the
nurse takes two actions: first she administers analgesics, and
second she manually records his temperature.
Ponder : Composite Policies
● Simplify specification and organization of policies from small to
large distributed systems.
● Provide a syntactic scope for child policies that share common
declarations.
Types
● Groups
● Roles
● Relationships
● Management Structures
Discussion
Comparison of dedicated Usage Control Specification Language
(OSL) to a general Policy Language (Ponder) in terms of:
● Syntax and semantics consideration
● Implementation
● Policy organization
● Ability to describe temporal conditions
Discussion : Syntax and Semantics
OSL
Formalized in Z, well defined syntax and semantics. XML
representation available. Easy to understand.

Ponder
Well defined Syntax and Semantics. Not described in a formal
Language. Object oriented and declarative in nature, supports
inheritance for re-use.
Discussion : Implementation
OSL
Representation on abstract level. Event names, Parameters have
to be mapped to actual implementation. Pro - provide
generalization, con - Extra effort for mapping.
Ponder
Although being declarative, it models the actual system more
closely.
Discussion : Organization
OSL
Less concerned about organization and management. Focus is
on expression of requirements rather than administration of policies.
Main focus - Usage Control.
Ponder
Contains a lot of policy and resource management tasks in its
specifications.
Discussion : Work with Temporal Conditions
OSL
Temporal conditions are one of the primary concerns: the
notion of time steps, together with the temporal operators
(until, after, during) and the other operators, allows complex
time-based conditions to be expressed.
Ponder
Contains a Timer library that allows specifying time-point events,
repeated events based on duration and repeated events at
specific time-points. Lacks the notion of time steps needed for
cardinality operations, e.g. a movie can be viewed only 10 times.
Conclusion
● Main challenge: usage control covers a huge scope; the task is
to develop a general-purpose language that can express the
requirements of this whole scope.

● Different approaches found in the languages under study.
● Different factors affect language adoption : ease of
expression, ease of implementation, generalization and
ability to adapt to changes.

● OSL looks to be highly focused on Usage Control; future
developments should make it more feature-rich, which would
mean wider adoption by the industry.
Questions?
More challenges
Take care of
● Data roles : Owners, Carriers, Consumers
● Network and Medium of data flow
● Data types : Physical Object, Digital Object, etc
● Restriction Types : Permission, Restrictions
● Restriction Mechanisms : Preventive control mechanisms vs
Observation mechanisms
● etc
Examples
ODRL formalization
http://arxiv.org/pdf/cs.LO/0601085.pdf
ODRL and MPEG-21 Translation
http://odrl.net/workshop2004/paper/odrl-polo-paper.pdf

Top 10 Most Downloaded Games on Play Store in 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 

Specification of usage control requirement

  • 1. Specification of Usage Control Requirements Bibek Shrestha bibek.shrestha@tum.de
  • 2. Table of Contents: 1. Usage Control? 2. Obligation Specification Language (OSL). 3. Brief introduction to another Policy Language: Ponder. 4. Comparison between OSL and Ponder. 5. Analysis: compare OSL to other security languages. 6. Conclusion. 7. Questions.
  • 3. Concerns for data distribution. Once data is distributed, control is limited. Concerns for Data Providers: Privacy, Intellectual Property, Data Security. Data Sender and Receiver need to agree to conditions.
  • 4. Conditions for data distribution. Data distribution rests on two grounds: conditions that must already be satisfied before data is given to a receiver (Provisions), and conditions on future use of data (Obligations). Usage Control deals with Obligations.
  • 5. What is Usage Control? Usage Control deals with who and how, must or must not, allowed or not allowed, to use the data after distribution. It encompasses the specification of conditions and control enforcement mechanisms.
  • 6. Usage control requirements. There is existing literature on notions of Usage Control, but these notions are separately studied, implemented as closed source, not defined precisely, and lack a holistic system model for Usage Control.
  • 7. Focus: specification of conditions. Not into: control enforcement mechanisms. Languages Reviewed. Usage Control Specific: Obligation Specification Language (OSL). Another Policy Language Policy
  • 8. Obligation Specification Language does: Analysis of policies (Does a set of mechanisms enforce a given policy? Is a policy free of contradiction?). General purpose specification language for Usage Control. Combines "must" and "may" modality. Example: Allows DRM mechanisms for enforcing privacy policies. Interoperability between different DRM mechanisms, and gives a formal semantics to these languages.
  • 9. Obligation Specification Language First order linear temporal logic Formalized in 'Z'
  • 10. OSL : Time Steps and Traces Policies act upon a long period of time, which is divided into discrete time portions called time steps. A trace is the combination of these time steps as a whole. At each time step of a trace, multiple events can happen.
  • 11. OSL : Events. EventDecl example:
       { (play, usage, {(object, ObjID), (device, DevID)}),
         (backup, usage, {(object, ObjID), (device, DevID)}), }
       ● Used interchangeably with action.
       ● Has the form (name, type, {parameter set}).
       ● Event type can be either usage (usage of data) or other (signalling, messaging or similar events).
       ● Parameters specify extra details about the event (e.g. the data item the event is performed on).
  • 12. OSL : Indexed Events. An event can last one or more time steps. Efst - Indexed event with index start. Eall - All indexed events with index ongoing. [Figure: time steps of one event labelled start, ongoing, ongoing, ongoing, ongoing, with Efst and Eall marked.]
  • 13. OSL : Time Steps and Traces.
       (Alice, repmax(5, Efst((play, {(object, mov)})))) : mov can be played at most 5 times.
       (Alice, repmax(5, Eall((play, {(object, mov)})))) : mov must not be played for more than 5 time steps.
       Note the difference from the first example.
  • 14. OSL : Obligation formula.
       { (Alice, permitonlyevname({play, backup}, {(object, mov)})),
         (Alice, repmax(5, Eall((play, {(object, mov)})))),
         (Alice, repmax(1, Efst((backup, {(object, mov)})))), }
       Each line is an obligation formula (SubjectID x Φ). Obligation formulas are of two different forms: 1. Action Requirements (Mandatory Actions). 2. Usage Restrictions (Prohibiting Conditions).
  • 15. OSL : Conditions in obligation formula Circumstances under which the usage restrictions or action requirements apply.
  • 16. OSL : Operators (Informal Description).
       Logical Operators: not(x), and(x,y), or(x,y), implies(x,y). E.g.: (Alice, not(Efst((play, {(object, song.mp3)}))))
       Temporal Operators: until(x,y), after(n,x), during(n,x), within(n,x). E.g.: (Alice, after(5, Efst(...)))
       Cardinality Operators: replim(i,m,n,x), repuntil(n,x,y), repmax(n,x). E.g.: (Alice, replim(20, 5, 30, Efst((playCommercial, {(stream, s)}))))
       Permit Operators: permitonlyevname(es,ps), permitonlyparam(pv,pn,es,ps). E.g.: (Alice, permitonlyevname({play, backup}, {(object, mov)}))
  • 17. OSL : Syntax and Example. OSLPolicy = {EventDecl} x {OblFormula}. OblFormula = SubjectID x Φ. Example OSLPolicy:
       ({ (play, usage, {(object, ObjID), (device, DevID)}),
          (backup, usage, {(object, ObjID), (device, DevID)}), },
        { (Alice, permitonlyevname({play, backup}, {(object, mov)})),
          (Alice, repmax(5, Eall((play, {(object, mov)})))),
          (Alice, repmax(1, Efst((backup, {(object, mov)})))), })
  • 18. OSL : Translation from OSL to RELs ● OSL supports must and may modalities. ● OSL is more expressive than other RELs like XrML and ODRL. ● Translation from OSL to ODRL and vice versa has been done. Why? Three main reasons: 1. Give semantics to XrML, ODRL or any other RELs. 2. Intermediate translation language between RELs. 3. Utilize enforcement mechanisms existing for RELs.
  • 19. OSL : Translation ODRLc to OSL ● A subset of Open Digital Rights Language (ODRL) called ODRLcompact (ODRLc) was chosen that does not include concepts outside the scope of OSL. ● ODRLc specifies rights, which are of may modality. ● All ODRLc licenses can be expressed in OSL.
  • 20. OSL : Translation OSL to ODRLc ● Not all OSL expressions can be expressed in ODRLc. ● It is difficult to identify which subset can be translated. ● Pragmatic approach: pattern matching is used to map (subid, repmax(n, Efst(ue))) to <count> expressions. ● Syntactic pattern matching requires obligations to be in an implicitly defined canonical form. Slight variations will result in a mismatch. ● Difficult and needs improvement.
  • 21. Ponder (October 2000). Strongly typed, object-oriented language used for policy specification. Policies do not clearly focus on Provisions and Obligations. Strong focus on policy expression, management and organization with Roles and Relationships. Declarative language; leaves implementation to other programming languages.
  • 22. Problems addressed by Ponder 1. Declare delegatable policies. 2. Support policies relating to large collections of objects, possibly millions. 3. Composite policies that group basic policies according to roles, organizational units, etc. 4. Analyze conflicting policies. 5. Simple extension of policies with inheritance.
  • 23. Ponder : Policy definition ● A policy is a collection of one or many rules. ● A policy is defined as methods in an interface definition language. Example:
  • 24. Ponder : Policy type and instance ● A policy type is a template. ● A policy instance is derived from a policy type; it can also be defined directly. ● The instance defines the real policy. ● Policy Type and Policy Instance are analogous to Class and Object Instance in object-oriented languages.
  • 25. Ponder : Policy Categorization ● Basic Policies Contains only policy elements, no children policies. ○ Authorization Policies ○ Obligation Policies ○ Refrain Policies ○ Delegation Policies ● Composite Policies Contains children policies. Main idea is organization. ○ Group, Roles, Relationships, Management Structures
  • 26. Ponder : Obligation Policies. Specify actions that must be performed on a set of target objects when an event occurs. The example states that when Steven’s temperature exceeds 37 degrees, the nurse takes two actions: first she administers analgesics, then she manually records his temperature.
  • 27. Ponder : Composite Policies ● Simplify specification and organization of policies from small to large distributed systems. ● Provide a syntactic scope for child policies who share common declarations. Types ● Groups ● Roles ● Relationships ● Management Structures
  • 28. Discussion Comparison of dedicated Usage Control Specification Language (OSL) to a general Policy Language (Ponder) in terms of: ● Syntax and semantics consideration ● Implementation ● Policy organization ● Ability to describe temporal conditions
  • 29. Discussion : Syntax and Semantics. OSL: Formalized in Z, with well defined syntax and semantics. XML representation available. Easy to understand. Ponder: Well defined syntax and semantics. Not described in a formal language. Object oriented and declarative in nature; supports inheritance for re-use.
  • 30. Discussion : Implementation. OSL: Representation on an abstract level. Event names and parameters have to be mapped to the actual implementation. Pro: provides generalization. Con: extra effort for mapping. Ponder: Although declarative, it models the actual system more closely.
  • 31. Discussion : Organization. OSL: Less concerned about organization and management. Focus is on expression of requirements rather than administration of policies. Main focus: Usage Control. Ponder: Contains a lot of policy and resource management tasks in its specifications.
  • 32. Discussion : Work with Temporal Conditions. OSL: Temporal conditions are one of the primary concerns; the notion of time steps, together with the temporal operators until, after and during and the other operators, allows expressing complex time based conditions. Ponder: Contains a Timer library that allows specifying time-point events, repeated events based on duration and repeated events at specific time-points. Lacks the notion of time steps needed for cardinality operations, e.g.: a movie can be viewed only 10 times.
  • 33. Conclusion ● Main challenge: Usage control covers a huge scope; the task is to develop a general purpose language that can express the requirements of this huge scope. ● Different approaches were found in the languages under study. ● Different factors affect language adoption: ease of expression, ease of implementation, generalization and ability to adapt to changes. ● OSL looks to be highly focussed on Usage Control, and future developments should make it more feature rich, which means wider adoption by the industry.
  • 35. More challenges Take care of ● Data roles : Owners, Carriers, Consumers ● Network and Medium of data flow ● Data types : Physical Object, Digital Object, etc ● Restriction Types : Permission, Restrictions ● Restriction Mechanisms : Preventive control mechanisms vs Observation mechanisms ● etc
  • 37. ODRL formalization http://arxiv.org/pdf/cs.LO/0601085.pdf ODRL and MPEG-21 Translation http://odrl.net/workshop2004/paper/odrl-polo-paper.pdf
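
The difference between Efst and Eall in slides 13 to 17, as an added Python example that is not part of the original slides: a small evaluator that checks the slide 14 policy against constructed traces of time steps. The trace encoding, the helper names (`ev`, `matches`, `violations`, `playback`) and the reading of each operator as a check over the whole trace are assumptions made for illustration, not OSL's formal Z semantics.

```python
# Simplified reading of the slides' OSL operators (assumption, not the Z formalization).
START, ONGOING = "start", "ongoing"

def ev(name, index, **params):
    """One indexed event occurrence inside a time step."""
    return (name, frozenset(params.items()), index)

def matches(occ, name, params):
    """Same event name, and every parameter listed in the formula agrees."""
    return occ[0] == name and frozenset(params.items()) <= occ[1]

def efst(name, **params):
    """Efst: holds in the time step where the event starts."""
    return lambda step: any(matches(o, name, params) and o[2] == START for o in step)

def eall(name, **params):
    """Eall: holds in every time step the event covers (start or ongoing)."""
    return lambda step: any(matches(o, name, params) for o in step)

def repmax(n, phi):
    """phi may hold in at most n time steps of the trace."""
    return lambda trace: sum(1 for step in trace if phi(step)) <= n

def permitonlyevname(names, **params):
    """Events carrying these parameters may only have one of the given names."""
    want = frozenset(params.items())
    return lambda trace: all(o[0] in names for step in trace for o in step if want <= o[1])

def violations(policy, trace):
    """Labels of the obligation formulas the trace does not satisfy."""
    return [label for label, phi in policy if not phi(trace)]

# The three obligation formulas of slide 14, subject Alice.
POLICY = [
    ("permitonly play/backup", permitonlyevname({"play", "backup"}, object="mov")),
    ("repmax 5 Eall play", repmax(5, eall("play", object="mov"))),
    ("repmax 1 Efst backup", repmax(1, efst("backup", object="mov"))),
]

def playback(steps):
    """Constructed trace: a single play of mov on device d1 lasting `steps` time steps."""
    return [{ev("play", START if i == 0 else ONGOING, object="mov", device="d1")}
            for i in range(steps)]

if __name__ == "__main__":
    print(violations(POLICY, playback(6)))  # one play, six time steps
```

A single play that runs for six time steps breaks the Eall-based limit even though it counts as only one play under Efst, which is the distinction slide 13 points at.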