A Rule-Based Framework for Role-Based Delegation and Revocation

ACM Transactions on Information and System Security

Volumn 6, Issue 3, 2003, Pages 404-441

  Zhang, Longhua ^a   Ahn, Gail Joon ^a   Chu, Bei Tseng ^a  

^a University of North Carolina at Charlotte   (United States)

Author keywords

access control; delegation; Management; revocation; Role; rule based; Security

Indexed keywords

EID: 3042684910     PISSN: 10949224     EISSN: 15577406     Source Type: Journal    
DOI: 10.1145/937527.937530     Document Type: Article

References (29)

1. Abadi, M., Burrows, M., Lampson, B., Plotkin, G., 1993. A calculus for access control in distributed systems.ACM Trans. Program. Lang. Syst. 15, 4(Sept.), 706-734.
2. Abiteboul, S., Grumbach, S., 1991. A rule-based language with functions and sets.ACM Trans. Database Syst. 16, 1-30.
3. Ahn, G., Sandhu, R., 2000. Role-based authorization constraints specification.ACM Transactions on Information and System Security 3, 4, ACM (November) 207-226.
4. Aura, T., 1999. Distributed access-rights management with delegation certificates.Security Internet programming. J. Vitec and C. Jensen Eds. Springer, Berlin, 211-235.
5. Barka, E., Sandhu, R., 2000. A role-based delegation model and some extensions. In Proceedings of 16th Annual Computer Security Application Conference, Sheraton New Orleans, December 11-15, 2000a.
6. Barka, E., Sandhu, R., 2000. Framework for role-based delegation model. In Proceedings of 23rd National Information Systems Security Conference, Baltimore, October 16-19, 2000b, 101-114.
7. Bhamidipati, V., Sandhu, R., 2000. Push Architectures for USER ROLE assignment. In Proceedings of 23rd National Information Systems Security Conference, Baltimore, October 16-19, 2000, 89-100.
8. Blaze, M., Feigenbaum, J., Lacy, J., 1996. Decentralized trust management.IEEE Symposium on Security and Privacy. Oakland, CA. May 1996.
9. Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A., 1999. The role of trust management in distributed system security.Security Internet Programming. J. Vitec and C. Jensen, eds. Springer, Berlin, 185-210.
10. Ferraiolo, D., Barkley, J., Kuhn, D. R., 1999. A role-based access control model and reference implementation within a corporate intranet.ACM Transactions on Information and System Security 2, 1(February), 34-64.
11. Ferraiolo, D., Cugini, J., Kuhn, D. R., 1995. Role-based access control (RBAC): features and Motivations. In Proceedings of 11th Annual Computer Security Application Conference. New Orleans, LA, December 11-15 1995, 241.
12. Forta, B., (ed), 1998.Nate Weiss. Advanced ColdFusion 4.0 Application Development. MacMillan Company.
13. Forta, B., (ed). 2001.Certified ColdFusion Developer Study Guide. 1st edn. Macromedia Press.
14. Gasser, M., Mcdermott, E., 1990. An architecture for practical delegation a distributed system.IEEE Computer Society Symposium on Research in Security and Privacy. Oakland, CA, May 7-9, 1990.
15. Gladney, H. M., 1997. Access control for large collections.ACM Transactions on Information Systems 15, 2(April), 154-194.
16. Hagstrom, A., Jajodia, S., Presicce, F. P., Wijesekera, D., 2001. Revocations-a classification. In Proceedings of 14th IEEE Computer Security Foundations Workshop, Nova Scotia, Canada, June 2001, 44-58.
17. Hayton, R., Bacon, J., Moody, K., 1998. OASIS: access control in an open, distributed environment. In Proceedings of 1998 IEEE Symposium on Security and Privacy. Oakland, CA, May 3-6. IEEE Computer Society Press, Los Alamitos, CA, 3-14.
18. Jajodia, S., Samarati, P., Subrahmanian, V. S., 1997. A Logical language for expressing authorizations.IEEE Symposium on Security and Privacy. May 1997.
19. Lampson, B. W., Abadi, M., Burrows, M. L., Wobber, E., 1992. Authentication in distributed systems: theory and practice.ACM Transactions on Computer Systems 10, 4, 265-310, November 1992.
20. Li, N., Feigenbaum, J., Grosof, B. N., 1999. A logic-based knowledge representation for authorization with delegation (extended abstract). In Proceeding 12th intl. IEEE Computer Security Foundations Workshop, (extended version is IBM Research Report RC 21492).
21. Li, N., Grosof, B. N., 2000. A practically implementation and tractable delegation logic.IEEE Symposium on Security and Privacy. May 2000.
22. Liebrand, M., Ellis, H. J., Phillips, C., Ting, T. C., 2002. Role delegation for a distributed, unified RBAC/MAC. In Proceedings of Sixteenth Annual IFIP WG 11.3 Working Conference on Data and Application Security King's College, University of Cambridge, UK July 29-31, 2002.
23. Linn, J., Nystrom, M., 1999. Attribute certification: an enabling technology for delegation and role-based controls in distributed environments.ACM Workshop on Role-Based Access Control 121-130.
24. Sandhu, R., 1997. Rational for the RBAC96 family of access control models. In Proceedings of 1st ACM Workshop on Role-based Access Control.
25. Sandhu, R., Bhamidipati, V., Munawer, O., 1999. The ARBAC97 model for role-based administration of roles.ACM Transactions on Information and System Security 2, 1(February), 105-135.
26. Sandhu, R., Coyne, E., Feinstein, H., Youman, C., 1996. Role-based access control model.IEEE Computer 29, 2(February).
27. Yao, W., Moody, K., Bacon, J., 2001. A model of OASIS role-based access control and its support for active security. In Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT), Chantilly, VA, May 3-4, 2001, 171-181.
28. Zhang, L., Ahn, G., Chu, B., 2001. A Rule-based framework for role-based delegation. In Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT 2001), Chantilly, VA, May 3-4, 2001 153-162.
29. Zhang, L., Ahn, G., Chu, B., 2002. A role-based delegation framework for healthcare information systems. In Proceedings of ACM Symposium on Access Control Models and Technologies (SACMAT2002). Monterey, CA, June 3-4, 2002, 125-134.