06. – 09. April 2010, Dagstuhl-Seminar 10141

Distributed Usage Control


Sandro Etalle (TU Eindhoven, NL)
Alexander Pretschner (KIT – Karlsruher Institut für Technologie, DE)
Ravi S. Sandhu (The University of Texas – San Antonio, US)
Marianne Winslett (University of Illinois – Urbana-Champaign, US)

Auskunft zu diesem Dagstuhl-Seminar erteilt

Dagstuhl Service Team


Dagstuhl Seminar Proceedings DROPS
Programm des Dagstuhl-Seminars [pdf]


In general, access control defines who may access which data, and under which circumstances. A good access control system is at the base of every process which handles confidential information. As an extension to access control, usage control is about defining and enforcing how data may or may not be handled after it has been accessed (e.g., "do not disseminate," "delete after thirty days," "notify me when accessed," “use only for scientific purposes.”) Usage control is particularly relevant when it comes to privacy, protection of trade secrets or intellectual property, digital rights management, and auditing/compliance in the context of regulatory frameworks. Usage control is hence both relevant for society and economics.

While there is a pressing need for usage control, existing solutions are partial – e.g., via access control mechanisms – and often specialized. The problem is particularly challenging in distributed environments where servers, which give away data, can neither see nor control what clients do with the data after their reception. In this setting, enforcement can be accomplished in one of two ways: by ensuring that policies are not violated, or by detecting and reporting violations, online or off-line. These two approaches apply in different technological environments, and they apply to different underlying trust and business models.

With about 50 attendants, the Dagstuhl seminar on Distributed Usage Control has had an overwhelming response to the invitations that were sent out. One noteworthy characteristics of the seminar was its multidisciplinary nature. Security is not only technical; it is a multidisciplinary field that has legal, regulatory and societal aspects too. This makes security research particularly challenging. This Dagstuhl seminar had a technical core, but sparked discussions also from neighboring fields, in particular a plethora of issues related to privacy. This gave rise to three days of lively discussion, with a regular interleaving of general agreements and disagreements.

In sum, the seminar enjoyed a somewhat unexpected focus on privacy-related issues and intense discussions on the general subject of security research and its connection or disconnection with real-world problems. To the surprise of some, there continues to be disagreement on whether 100% security is a desirable goal, even though it is unlikely to be reached, or if pragmatic considerations including cost, feasibility, usability, innovation and fun should rather lead to a risk-based approach that aims at imperfect security, and if the community shouldn’t strive to understand what the risks are, and what imperfect security really is.


  • Security / Cryptology
  • Software Engineering
  • Operating Systems


  • Data protection
  • Privacy
  • Access control
  • Usage control
  • Security policies
  • Trust
  • Trusted computing
  • Compliance
  • DRM
  • Information flow


In der Reihe Dagstuhl Reports werden alle Dagstuhl-Seminare und Dagstuhl-Perspektiven-Workshops dokumentiert. Die Organisatoren stellen zusammen mit dem Collector des Seminars einen Bericht zusammen, der die Beiträge der Autoren zusammenfasst und um eine Zusammenfassung ergänzt.


Download Übersichtsflyer (PDF).


Es besteht weiterhin die Möglichkeit, eine umfassende Kollektion begutachteter Arbeiten in der Reihe Dagstuhl Follow-Ups zu publizieren.

Dagstuhl's Impact

Bitte informieren Sie uns, wenn eine Veröffentlichung ausgehend von
Ihrem Seminar entsteht. Derartige Veröffentlichungen werden von uns in der Rubrik Dagstuhl's Impact separat aufgelistet  und im Erdgeschoss der Bibliothek präsentiert.