An Integrated Formal Approach to Usage Control

Abstract

Usage control enforcement is currently voluntary, due to a number of technical difficulties that cannot be addressed by means of purely cryptographic techniques. So, it is commonly argued that purely technical measures should be complemented by surveillance activities and sanctions prescribed by law. The effectiveness of such measures can-and should- be formally analyzed through game theoretic techniques. This paper introduces a framework that integrates both cryptographic techniques and a market model. We provide a first formal analysis of a simplified instance of the framework; it illustrates the integrated methodology and its potential applications, and raises some warnings about the effectiveness of naive approaches.