The UCON ABC usage control model

In this paper, we introduce the family of UCON ABC models for usage control (UCON), which integrate Authorizations (A), oBligations (B), and Conditions (C) . We call these core models because they address the essence of UCON, leaving administration, delegation, and other important but second-order issues for later work. The term usage control is a generalization of access control to cover authorizations, obligations, conditions, continuity (ongoing controls), and mutability. Traditionally, access control has dealt only with authorization decisions on users' access to target resources. Obligations are requirements that have to be fulfilled by obligation subjects for allowing access. Conditions are subject and…