{"title":"A comprehensive review of usage control frameworks","authors":"Ines Akaichi, Sabrina Kirrane","doi":"10.1016/j.cosrev.2024.100698","DOIUrl":null,"url":null,"abstract":"The sharing of data and digital assets in a decentralized settling is entangled with various legislative challenges, including, but not limited to, the need to adhere to legal requirements with respect to privacy and copyright. In order to provide more control to data and digital asset owners, usage control could be used to make sure that consumers handle data according to privacy, licenses, regulatory requirements, among others. However, considering that many of the existing usage control frameworks were designed to cater for different use cases (e.g., networking, operating systems, and industry 4.0), there is a need to better understand the existing proposals and how they compare to one another. In this paper, we provide a holistic overview of existing usage control frameworks and their support for a broad set of requirements. We systematically collect requirements that are routinely used to guide the development of usage control solutions, which are classified according to three broad dimensions: <ce:italic>specification</ce:italic>, <ce:italic>enforcement</ce:italic>, and <ce:italic>system</ce:italic>. We use these requirements to conduct a qualitative comparison of the most prominent usage control frameworks found in the literature. Finally, we identify existing gaps, challenges, and opportunities in the field of usage control in general, and in decentralized environments in particular.","PeriodicalId":48633,"journal":{"name":"Computer Science Review","volume":"106 1","pages":""},"PeriodicalIF":13.3000,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science Review","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1016/j.cosrev.2024.100698","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
The sharing of data and digital assets in a decentralized settling is entangled with various legislative challenges, including, but not limited to, the need to adhere to legal requirements with respect to privacy and copyright. In order to provide more control to data and digital asset owners, usage control could be used to make sure that consumers handle data according to privacy, licenses, regulatory requirements, among others. However, considering that many of the existing usage control frameworks were designed to cater for different use cases (e.g., networking, operating systems, and industry 4.0), there is a need to better understand the existing proposals and how they compare to one another. In this paper, we provide a holistic overview of existing usage control frameworks and their support for a broad set of requirements. We systematically collect requirements that are routinely used to guide the development of usage control solutions, which are classified according to three broad dimensions: specification, enforcement, and system. We use these requirements to conduct a qualitative comparison of the most prominent usage control frameworks found in the literature. Finally, we identify existing gaps, challenges, and opportunities in the field of usage control in general, and in decentralized environments in particular.
期刊介绍:
Computer Science Review, a publication dedicated to research surveys and expository overviews of open problems in computer science, targets a broad audience within the field seeking comprehensive insights into the latest developments. The journal welcomes articles from various fields as long as their content impacts the advancement of computer science. In particular, articles that review the application of well-known Computer Science methods to other areas are in scope only if these articles advance the fundamental understanding of those methods.