Skip to Main Content
In current trusted network connection (TNC) model, access decisions are generally made at the time of request but typically do not recognize ongoing controls for relative continuous access or for immediate revocation. We propose a new model named trusted network connection based on usage control (U-TNC), which combine TNC solutions with usage control (UCON) to achieve pre-authorization and ongoing-authorization network access control. Moreover, attribute mutability that deal with updates on related endpoint or resource/network attributes as a consequence of access have been presented. This property enable the system disconnect the endpoint whose attributes disagree with security policies in time, and is very important to invoke ongoing authorization. At the end, the paper shows how to use the model in e-commerce and gives a logic specification of the example.