Arnab, Alapan and Hutchison, Andrew (2007) Persistent Access Control: A Formal Model for DRM, Proceedings of Seventh ACM Workshop on Digital Rights Management (ACM-DRM), held in conjunction with CCS 2007, the Thirteenth ACM Conference on Computer and Communications Security, 29 October 2007, Alexandria, Virginia, USA, ACM.
Other
lirel.zip Download (0B) |
|
PDF
acmdrm07-arnab.pdf Download (297kB) |
Abstract
Digital rights management (DRM) can be considered to be a mechanism to enforce access control over a resource without considering its location. There are currently no formal models for DRM, although there has been some work in analysing and formalising the interpretation of access control rules in DRM systems. A formal model for DRM is essential to provide specific access control semantics that are necessary for creating interoperable, unambiguous implementations. In this paper, we discuss how DRM differs as an access control model to the three well known traditional access control models -- DAC, MAC and RBAC, and using these existing approaches motivate a set of requirements for a formal model for DRM. Thereafter, we present a formal description of LiREL, a rights expression language that is able to express access control policies and contractual agreement in a single use license. Our motivation with this approach is to identify the different components in a license contract and define how these components interact within themselves and with other components of the license. A formal notation allows for an uniform and unambiguous interpretation and implementation of the access control policies.
Item Type: | Conference paper |
---|---|
Additional Information: | This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published (will be published) in The Proceedings of the 7th ACM DRM Workshop, Co-Located with ACM-CCS 2007, Alexandria, Virginia, USA. |
Uncontrolled Keywords: | Rights Expression Languages, REL, Access Control |
Subjects: | Social and professional topics > Professional topics > Management of computing and information systems Software and its engineering > Software organization and properties > Contextual software domains > Operating systems |
Date Deposited: | 29 Aug 2007 |
Last Modified: | 10 Oct 2019 15:34 |
URI: | http://pubs.cs.uct.ac.za/id/eprint/411 |
Actions (login required)
View Item |