The objective of this research is to define a set of techniques and tools for the specification and monitoring of allowed data sharing in distributed organizations. The usage control policies can be related to the risk level computed from several factors. The tools developed will also be used for information sharing techniques related to cyber-crime prevention and the forensic aspects of data management, aligned with the European cyber-security directive and associated EU policies and regulatory requirements and recommendations.
Modern interconnected systems of systems, such as the Internet of Things (IoT), demand access and usage control mechanisms that can manage the right of access to the corresponding services and the plethora of information being generated on a daily basis. The Usage Control (UCON) model offers the means for fine-grained, dynamic control of access to specific resources by monitoring and evaluating the attributes defined within a dedicated security policy. However, a number of improvements can be introduced to the standard model, both to simplify policy writing and to improve run-time efficiency and scalability. In this article, we discuss the limitations of the original UCON and propose suitable enhancements to remediate them. Specifically, we propose adding a risk aggregation framework to the existing architecture, for dynamic role allocation and service grouping management, in order to improve the scalability and run-time efficiency of the existing model.
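The following is an added illustration, not code from the article or its authors: a minimal sketch of UCON-style continuous authorization in which an aggregated risk level drives role allocation, so that a change in a monitored attribute can downgrade or revoke access during usage. The factor names, weights, thresholds and role names are assumptions constructed for the example; the article does not specify its aggregation function.

```python
from dataclasses import dataclass, field
from typing import Optional

# Assumption: each risk factor is a score in [0, 1]; weights are constructed.
WEIGHTS = {"device_posture": 0.5, "network": 0.3, "data_sensitivity": 0.2}
# Assumption: risk thresholds mapped to hypothetical roles; above 0.6 no role is granted.
ROLE_LIMITS = [(0.3, "full_access"), (0.6, "read_only")]


def aggregate_risk(attrs):
    """Weighted sum of the risk-factor attributes (hypothetical aggregation)."""
    return sum(WEIGHTS[name] * attrs[name] for name in WEIGHTS)


def allocate_role(risk):
    """Map an aggregated risk level to a role; None means usage is not allowed."""
    for limit, role in ROLE_LIMITS:
        if risk <= limit:
            return role
    return None


@dataclass
class Session:
    subject: str
    attrs: dict
    role: Optional[str] = None
    log: list = field(default_factory=list)

    def try_access(self):
        """Pre-authorization: evaluate the policy before usage starts."""
        self.role = allocate_role(aggregate_risk(self.attrs))
        self.log.append(("permit" if self.role else "deny", self.role))
        return self.role is not None

    def update(self, name, value):
        """Ongoing authorization: re-evaluate when a mutable attribute changes."""
        self.attrs[name] = value
        if self.role is None:  # no active usage to re-evaluate
            return None
        new_role = allocate_role(aggregate_risk(self.attrs))
        if new_role != self.role:
            self.log.append(("revoke" if new_role is None else "reassign", new_role))
            self.role = new_role
        return self.role


if __name__ == "__main__":
    # Constructed sample session for a hypothetical IoT gateway.
    s = Session("sensor-gw", {"device_posture": 0.1, "network": 0.2, "data_sensitivity": 0.5})
    s.try_access()
    s.update("network", 0.9)         # risk rises: role is downgraded
    s.update("device_posture", 0.9)  # risk rises further: usage is revoked
    print(s.log)
```

Because the policy refers only to the aggregated risk and the resulting role, adding a new risk factor changes the weights table rather than every rule, which is the policy-writing simplification the paragraph above argues for.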