Abstract
We propose a novel framework for integrated access and resource usage control over standard clientserver interactions. Historically, access control has been developed without considering resource usage. Resource control has thus developed as an ad hoc server-centric set of mechanisms (e.g., file system quota, network bandwidth quote, etc.). We believe that resource usage control is strongly related to access control and so should be implemented using a unified, global enforcement framework. We introduce such a framework, where services have resource usage constraints and principals have resource usage histories. To access and use a service, a principal must have the appropriate access and sufficient resource usage rights when considering its usage history. Our framework is able to enforce global stateful policies, yet do not require changes to existing message-passing applications. We have built a prototype and used it to specify and enforce an example policy that includes role-based control and delegation. We applied our system to control access and resource usage for three different services, network, DNS, and SMB file systems, to demonstrate its effectiveness and wide applicability.