Skip to Main Content
Usage control goes beyond traditional access control, addressing its limitations related to attribute mutability and continuous usage permission validation. The recently proposed UCONABC model establishes an underlying mathematical framework to deal with the new needs of security and control systems. That model was only described by a logic specification, and this paper proposes implementing it as an LALR(1) grammar, which is defined here. The proposed grammar is then used for representing common access and usage control scenarios, showing its expressiveness and usefulness. The proposed grammar is being incorporated into a file usage control mechanism implemented on a COTS operating system.