ids-specification icon indicating copy to clipboard operation
ids-specification copied to clipboard

Published 20 hours ago verified publisher icon International-Data-Spaces-Association

Relationship between Usage Control and Access Control

Open matgnt opened this issue 1 year ago • 8 comments

image

As a reminder to what we discussed during the sync call 2 weeks ago. Is Access Control really part of Usage Control?

Seems to appear in multiple documents, e.g. https://internationaldataspaces.org/wp-content/uploads/dlm_uploads/IDSA-Position-Paper-Data-Sovereignty-Requirements-Analysis-of-Manufacturing-Use-Cases.pdf Page 10.

It should be discussed whether:

"Usage control is an extension to traditional access control"

should be changed to:

"Usage control is an *addition* to traditional access control"

for more clarity. I think "extension could be still fine, if not the picture would direct into the idea that one was "contained in" the other.

matgnt avatar Mar 14 '23 09:03 matgnt

Hi, this concept evolved from some major publications in the area of usage control. The idea: Usage control takes access control and extends it to another security context (e.g., a machine outside of your organisation) or some other dimension such as time (use only for a week). The baseline is still an access control decision: May the user x access data item y with action z? This is why this is contained. Does this make sense? Can we somehow rephrase to make that more clear?

gbrost avatar Mar 21 '23 08:03 gbrost

Hi Gerd,

Usage control takes access control and extends it to another security context (e.g., a machine outside of your organisation)

that is an interesting point. If I try to apply this, would it mean that any kind of such usage policy is ONLY possible WITH some kind of technical enforcement? Or how would you describe usage policy (security context outside my own organization...) in case NO technical enforcement was possible?

matgnt avatar Mar 25 '23 15:03 matgnt

Hi Matthias,

I do agree. Without technical enforcement you have "just" a legal agreement in the best case. And indeed, technical enforcement is not trivial. This is also why we focus on Trusted Execution Environments so much from a security point of view. We did build systems based on Trusted Platform Modules, but reliably securing the full software stack is quite challenging.

With a working remote attestation mechanisms and TEEs you could have technical enforcement and a reliable way to prove f the deployed software artefact is what you expect.

gbrost avatar Mar 27 '23 06:03 gbrost

Without technical enforcement you have "just" a legal agreement in the best case.

And that would raise the question that I asked in #75

Would you say that such a 'legal agreement' is a license?

matgnt avatar Apr 03 '23 07:04 matgnt

I commented there. I fully agree with Peter.

gbrost avatar Apr 04 '23 07:04 gbrost

From a plain protocol perspective, this is not anything which needs to be specified by us here. However, we (the DSP working group) proposes to explain the relationship between Usage/Access/etc. Control to the policy/contract data object in the Best Practice document.

sebbader-sap avatar Oct 26 '23 08:10 sebbader-sap

Therefore, I propose to remove the "V1 pre-release" label @ssteinbuss

sebbader-sap avatar Oct 26 '23 08:10 sebbader-sap

Therefore, I propose to remove the "V1 pre-release" label @ssteinbuss

Ack, changed label from "V1 pre-release" to "Best Practices"

ssteinbuss avatar Nov 09 '23 07:11 ssteinbuss