This paper reasons on usage control in Data Grids. First, we present a usage-based Grid authorization architecture using the functional components of the currents Grids, and consider the advantages of using Semantic Grid techologies for the specification of UCON subjects and objects. Then, we analyse the formal requirements for an enforcing mechanism of UCON policies, using the KAOS requirements engineering methodology with a bottom-up approach. To do it, we provide an abstract specification of an enforcement mechanism. Then, we prove that this specification is sound and complete showing formally that it can enforce all the policies pertaining to the Sandhu’s UCON authorization sub-models. Using the rigorous requirement engineering methodology of KAOS, we derive for each sub-model the operational requirements, showing that each one can be enforced by the specification previously provided.
|Publication status||Published - 17 Jun 2008|