Skip to content


  1. Profile and Progress
  2. Overview
  3. Scope
  4. Problem Description
  5. Objectives
  6. Methodology
  7. History of Usage Control Platformization
  8. Conceptual Diagrams
  9. Design Specific Stack
  10. Required Skills

Profile and Progress

My R&D theme is greatly influenced by the work I had been doing at SERG. The description clearly points out the contributions and efforts that are associated with my interests and activities.

I have been incorporating and using Discretionary Access Control, Mandatory Access Control (MAC specifically SELinux) and Trusted Computing in the Openmoko platform. Dbus based framework is utilized to provide an application runtime for multiple owners’ service and resources constraints’ regulation and enforcement. Originally a usage control component had been developed as an interpreter (PDP)  to decide enforcement at application layer. Now it is being extended as a platform wide PDP and an actuator/event-handler, which evaluates constraints and instructs other security agents and enforcers (e.g. measurement agents) accordingly. Qemuarm and Neo FreeRunner were my client machines, while web application frameworks were assumed to abstract the security management for usage control framework to reduce complexity in the first place.

Some of our research work had progressed from web services to a more challenging cloud based usage model for combining the server side reference monitor semantics more clearly and effectively for a complex real world use case. Our work also provided strong feedback to related community efforts as well.

The EASIP project at SERG also uses the concept of constraint based usage control framework to extend the user experience for runtime management of conflict resolution with dynamic constraints. Scholars have made related contributions as well.

The EASIP approach is an experiment limited in a way where server side runtime constraint management is not considered. Therefore it lacks dynamic rights management to satisfy the possible manageability with flexibility that has been demonstrated in a recent refereed work where rights management is automated with model driven engineering. This way a flexible runtime management can be implemented with suitable infrastructural enhancements.

As a matter of fact extending with both platforms seems to be a good point as MDA based approach can be proven with sophistication. Personally I continue with the Trusted Computing, DAC, Dbus and SELinux based runtime enhancements, while EASIP extends the Android Runtime’s enforcement capabilities. Mandatory Access Control at the Native OS level is quite similar in nature.

Using Dbus is advantageous as the approach can be easily implemented and ported to multiple platforms for experimentation, while Android based approach attracts the research and commercial community but at the same time it is difficult to incorporate the usage control framework in it. The basic hurdle is the more layered architecture of Android’s application framework, which constrains the in-depth enforcement of usage control.

After porting, configuring and evaluation experiments we have moved to implement the security features and mechanisms in a well formed platform, service and application framework in a client-server model.

Back to top


Security management in information societies is becoming extremely challenging where the resources are open and ubiquitous. The policies of the classified object changes with it’s usage depending on the environment and it’s internal states. A classified object might have multiple stakeholders, with varying amount of rights over it all along it’s life-cycle. The relationships of stakeholders with objects is of our prime interest, where the object will be used, derived and distributed.

Our contributions include classification of entities like stakeholders and objects, while concentrating on the specification of policy by the stakeholder for objects’ usage. This enables us to design and develop in an emulated environment, where these high level specifications transform to platform independent usage and administrative policies and administer the usage policy and constraints on specified end user devices. We focus on resources for the mobile platforms, using the Python/dbus based runtime for prototyping. Our foundation work and experiments are available for the OpenMoko platform. The later work will be provided as free and open source as soon as the prototypes are brought into working conditions.

Back to top


Trusted Computing, Usage Control, Mandatory Access Control, Pubic Key Infrastructure with Automated Configuration and Policy Management make up the technological scope for my research and development activities. My use cases are based on Mobile Platforms, Web Services and Cloud Computing oriented business and usage models. The integral part of my study and experimentation is focused on how to provide a generic framework for semantically integrated and programmed security of shared resources in cross-context and cross-domain services.

Back to top

Problem Description

Trust & authorization policies are mostly specific to their application and they are isolated due to limited application scope. This results in systems that do not naturally support cross context and platform semantics. This makes the deployment of evolving services very complex and fragile, which does not exactly increase the trustworthiness of the resulting system.

The analysis of the needs and proposed solutions for each of these isolated contexts shows that each solution provider actually tries to solve the same problem, and that they roughly follow the same learning curve, making similar but slightly different design decisions, etc., which mainly originates from an insufficiently open and inflexible core architecture.

Usage Control Platformization for Mobile Platforms takes care of exactly this problem, and requires an architecture, which is context and platform neutral/independent.

Back to top


The main challenge is to guarantee the semantically correct interpretation and implementation of data protection regulation, while sharing, accessing and using information processing services and providing required enhancements. These are essential elements of trust required for various stakeholders.

Back to top


  1. Identify the security and control mechanisms
  2. Converge semantics and administration of these mechanisms for usage control
  3. Identify short-comings and induce useful abstractions
  4. Propose and develop the required abstractions and indirections with middleware/framework
  5. Prototype with use case as a proof of concept

Note: Steps 3, 4 and 5 are repetitive in nature to reduce complexity and add more technological details step-wise.
Back to top

Where did Usage Control Platformization come from?

In 2007 we collaborated with Dr. Xinwen Zhang (pioneered the UCON model) of Samsung Information Systems America (SISA) to propose research prototypes for trusted computing and usage control using formal methods and example implementations. Usage control is a term where server side and client side reference monitors collaborate to enforce usage constraints on objects/data that is released from server to client for some particular set of usage activities. The term platformization means to enable the platform to manage mediated usage control between the stakeholders where resources are shared.

We used SELinux and TPM emulator as our first security kernel for a health care scenario. This work was called “Usage control platformization using trustworthy SELinux”. This work was later patented by SISA.

In our ICT R&D funded projects we used different techniques to prove the validity of the concept and its application for COTS.

Back to top

Conceptual Diagrams

Following diagrams demonstrates the big picture of my R&D objectives.

Back to top

Design Specific Software Stack

  • Boot loader
  • initrd – ram disk for loading LKM required at pre-boot
  • Kernel
  • Package manager
  • Dbus IPC middleware to enable the framework
  • ssl/tls libs, utils, openCA and openXPKI
  • SELinux utils and libs
  • TSS  and TPM emulator
  • ecryptfs
  • usage control middleware for administering automated management tasks using a global interpreter and the following measurement, enforcement and management agents:
    • Storage
    • Measurement
    • Reporting
    • Verification
    • Enforcement
  • TC aware application
  • Puppet Configuration Management tools
  • Cloud computing and mobile infrastructure utilized by the application services as a platform

Back to top

Required Skills

  • C/C++
  • Java or Python
  • Shell scripting
  • Mobile platforms and toolchains
  • Re-engineering Public/Private clouds and client mobile platforms
  • Model Driven Configuration Management
%d bloggers like this: