10141 Abstracts Collection -- Distributed Usage Control

From 06.04. to 09.04.2010, the Dagstuhl Seminar 10141 ``Distributed Usage Control \u27\u27 was held in Schloss Dagstuhl~--~Leibniz Center for Informatics. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

The Security of Practical Two-Party RSA Signature Schemes

In a two-party RSA signature scheme, a client and server, each holding a share of an RSA decryption exponent $d$, collaborate to compute an RSA signature under the corresponding public key $N,e$ known to both. This primitive is of growing interest in the domain of server-aided password-based security, where the client\u27s share of $d$ is based on its password. To minimize cost, designers are looking at very simple, practical protocols based on the early ideas of Boyd, but their security is unclear. We analyze a class of these protocols. We suggest two notions of security for two-party signature schemes and provide proofs of security for the schemes in our class based on assumptions about RSA and the hash function underlying the scheme

Formal model and policy specification of usage control

The recent usage control model (UCON) is a foundation for next-generation access control models with distinguishing properties of decision continuity and attribute mutability. A usage control decision is determined by combining authorizations, obligations, and conditions, presented as UCON ABC core models by Park and Sandhu. Based on these core aspects, we develop a formal model and logical specification of UCON with an extension of Lamport's temporal logic of actions (TLA). The building blocks of this model include: (1) a set of sequences of system states based on the attributes of subjects, objects, and the system, (2) authorization predicates based on subject and object attributes, (3) usage control actions to update attributes and accessing status of a usage process, (4) obligation actions, and (5) condition predicates based on system attributes. A usage control policy is defined as a set of temporal logic formulas that are satisfied as the system state changes. A fixed set of scheme rules is defined to specify general UCON policies with the properties of soundness and completeness. We show the flexibility and expressive capability of this formal model by specifying the core models of UCON and some applications. © 2005 ACM

Immunotherapy in Autoimmune Diabetes

Autoimmune diabetes is a chronic autoimmune disease caused by the loss or selective destruction of the insulin-producing cells, called pancreatic beta cells. Damage to beta cells results in an absence or insufficient production of insulin produced by the body. Most cases of autoimmune diabetes have an autoimmune basis, and the immune system mistakenly attacks and destroys beta cells. The immune system plays a critical role in controlling the development of autoimmune diabetes. Over the past years there have been significant progress and an accumulation of scientific evidence for the concept of immunotherapy. Immunotherapy for the prevention and treatment of autoimmune diabetes has become the main focus of the research community. Three regimens of immunotherapy have been investigated: (1) Antigen-specific vaccines: Insulin-related molecules have attracted great interest in vaccine development, including the whole recombinant human GAD65 (rhGAD65) and the DiaPep277 peptide of HSP60. (2) Systemic immunomodulators: A large number of non–antigen-specific immunomodulators have been studied, including monoclonal anti-CD3 antibody, anti–CTLA-4 Ig, TNF-a, IFN-a, IL-1R antagonist, regulatory T cells, and dendritic cells. (3) Combination treatments: Combination therapies have the ability to enhance efficacy and will become the standard of care for autoimmune diabetes. Development of safe and efficient prevention of autoimmune diabetes is a general public health object in modern countries now. Although large numbers of preventive modalities including immunotherapy have been accomplished in animal models of autoimmune diabetes, prevention of human autoimmune diabetes remains indefinable. Genetic and environmental factors that control the relapsing-remitting course of β-cell destruction, terminating in complete insulin addiction are being determined. In the long run, initial prevention of islet autoimmunity will likely be the optimal approach to the prevention of autoimmune diabetes. However, environmental causes of islet autoimmunity need to be well stated. Modest predictive assessment of the existing genetic screening tools also means that the number of children requiring intervention will stay great, concerning the number of autoimmune diabetes cases prohibited. Nevertheless, combination treatments are more likely to be used for autoimmune diabetes. Primary systemic immunosuppression followed by antigen-specific induction of tolerance or islet regeneration is a sound approach

Common Representation of Information Flows for Dynamic Coalitions

We propose a formal foundation for reasoning about access control policies within a Dynamic Coalition, defining an abstraction over existing access control models and providing mechanisms for translation of those models into information-flow domain. The abstracted information-flow domain model, called a Common Representation, can then be used for defining a way to control the evolution of Dynamic Coalitions with respect to information flow