A fine-grained, controllable, user-to-user delegation method in RBAC

Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Volumn , Issue , 2005, Pages 59-66

  Wainer, Jacques ^a   Kumar, Akhil ^b  

^a UNIVERSITY OF CAMPINAS   (Brazil)

^b PENNSYLVANIA STATE UNIVERSITY   (United States)

Author keywords

Access control; Delegation; RBAC; Revocation

Indexed keywords

CONSTRAINT THEORY; RESEARCH;

ACCESS CONTROL; DELEGATION; RBAC; REVOCATION;

CONTROL SYSTEM ANALYSIS;

EID: 30644480988     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1063979.1063991     Document Type: Conference Paper

References (18)

1. Vijayalakshmi Atluri and Avigdor Gal. An authorization model for temporal and derived data: securing information portals. ACM Trans. Inf. Syst. Secur., 5(1):62-94, 2002.
2. Jean Bacon, Ken Moody, and Walt Yao. A model of OASIS role-based access control and its support for active security. ACM Trans. Inf. Syst. Secur., 5(4):492-540, 2002.
3. Ezedin S. Barka and Ravi Sandhu. Framework for role-based delegation models. In 16th Annual Computer Security Applications Conference, December 2000. http://www.acsac.org/2000/abstracts/34.html.
4. Ezedin S. Barka and Ravi Sandhu. A role-based delegation model and some extensions. In 23rd National Information Systems Security Conference, October 2000. http://csrc.nist.gov/nissc/2000/proceedings/papers/021.pdf.
5. Evgeny Dantsin, Thomas Eiter, Georg Gottlob, and Andrei Voronkov. Complexity and expressive power of logic programming. ACM Comput. Surv., 33(3):374-425, 2001.
6. Ronald Fagin. On an authorization mechanism. ACM Trans. Database Syst., 3(3):310-319, 1978.
7. Cheh Goh and Adrian Baldwin. Towards a more complete model of role. In RBAC '98: Proceedings of the third ACM workshop on Role-based, access control, pages 55-62. ACM Press, 1998.
8. Patricia P. Griffiths and Bradford W. Wade. An authorization mechanism for a relational database system. ACM Transactions on Database Systems (TODS), 1(3):242-255, 1976.
9. Asa Hagstrom, Sushil Jajodia, Francesco Parisi-Presicce, and Duminda Wijesekera. Revocations - a classification. In CSFW '01: Proceedings of the 14th IEEE Workshop on Computer Security Foundations, page 44. IEEE Computer Society, 2001.
10. JongSoon Park. YoungLok Lee, HyungHyo Lee, and BongNam Noh. A role-based delegation model using role hierarchy supporting restricted permission inheritance. In Proceedings of the International Conference on Security and Management. SAM '03, pages 294-302. CSREA Press, 2003.
11. Chun Ruan and Vijay Varadharajan. Resolving conflicts in authorization delegations. In 7th Australian Conference on Information Security and Privacy, volume 2384 of Lecture Notes in Computer Science, pages 271-285. Springer, 2002.
12. R Sandhu, E. Coyne, H. Feinstem, and C. Yournan. Role-based access control models. IEEE Computer, 29(2):38-47, 1996.
13. Ravi Sandhu and Qamar Munawer. The ARBAC99 model for administration of roles. In Annual Computer Security Applications Conference, 1999.
14. Roberto Tamassia. Danfeng Yao, and William H. Winsborough. Role-based cascaded delegation. In Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, pages 146-155. ACM, 2004.
15. Jacques Wainer. Paulo Barthehness. and Akhil Kumar. WRBAC - a workflow security model incorporating controlled overriding of constraints. International Journal of Cooperative Information Systems, 12(4):455-486, 2003.
16. Walt Yao. Fidelis: A policy-driven trust management framework. In Trust Management. First International Conference, iTrust, volume 2692 of Lecture Notes in Computer Science, pages 301-317. Springer, 2003.
17. Longlma Zhang. Gail-Joon Ahn. and Bei-Tseng Chu. A rule-based framework for role-based delegation and revocation. ACM Trans. Inf. Syst. Secur., 6(3):404-441, 2003.
18. Xinwen Zhaug. Sejong Oh. and Ravi Sandhu. PBDM:a flexible delegation model in RBAC. In SACMAT '03: Proceedings of the eighth ACM symposium on Access control models and technologies, pages 149-157. ACM Press, 2003.