A Distributed Authorization System with Mobile Usage Control Policies

Distributed systems, such as the Cloud, are widely used forsolving large problems, because they provide big computational powerat a low cost. From the security point of view, distributed systems posenew challenges, because the applications running on the components ofthe system could cooperate to access the system?s resources. Hence, thesecurity support should consider all the accesses performed by the appli-cations run by the same user on distinct nodes of a distributed systemas the behaviour of that user. To address this problem, this paper pro-poses mobile usage control policies that, besides regulating the usage ofthe system resources, also define the exchange of some policy fragmentsamong the nodes of the distributed system. In this way, the usage of re-sources performed on one node of the distributed system affects the rightof accessing resources on other nodes of the system. A reference scenariowhere mobile usage control policies could be successfully adopted is theCloud environment.