Fine-grained role-based delegation in presence of the hybrid role hierarchy

Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Volumn 2006, Issue , 2006, Pages 81-90

  Joshi, James B D ^a   Bertino, Elisa ^b  

^a UNIVERSITY OF PITTSBURGH   (United States)

^b PURDUE UNIVERSITY   (United States)

Author keywords

Access control; Delegation; Hybrid hierarchy; Role based

Indexed keywords

HIERARCHICAL SYSTEMS; INFORMATION RETRIEVAL; SECURITY OF DATA; SEMANTICS;

DELEGATION; FINE GRAINED ACCESS CONTROL POLICIES; HYBRID HIERARCHY; ROLE BASED ACCESS CONTROL MODELS;

COMPUTER NETWORKS;

EID: 33748044645     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1133058.1133071     Document Type: Conference Paper

References (27)

1. [Atl05] V. Atluri, J. Warner, Supporting Conditional Delegation in Secure Workflow Management Systems, ACM Symposium on Access Control Models and Technologies, Sweden, Jun 1-3, 2005.
2. [Bar00] E. Barka and R. Sandhu, A Role-Based Delegation Model and Some Extensions, Proc. of 23rd National Information Systems Security Conference, Dec, 2000.
3. [Bar05] E. Barka and R. Sandhu, Role-Based Delegation Models/Hierarchical Roles, Proc Annual Computer Security Application Conference. 2004.
4. [Fer93] D. F. Ferraiolo, D. M. Gilbert, and N Lynch. An Examination of Federal and Commercial Access Control Policy Needs. In Proceedings of NISTNCSC National Computer Security Conference, pages 107-116, Baltimore, MD, September 20-23 1993.
5. [Fer01] D. F. Ferraiolo, R. Sandhu, S. Gavrila, D. Richard Kuhn, R. Chandramouli. Proposed NIST Standard for Role-based Access Control. ACM Transactions on Information and System Security (TISSEC) Volume 4, Issue 3, August 2001.
6. [Gas90] M. Gasser, E. McDermott, An Architecture for practical Delegation in a Distributed System, 1990 IEEE Computer Society Symposium on Research in Security and Privacy. May, 1990.
7. [Giu97] L. Giuri. Role-based access control: A natural approach. In Proceedings of the 1st ACM Workshop on Role-Based Access Control. ACM, 1997.
8. [Goh98] C. Goh and A. Baldwin, Towards a more Complete Model of Role, Proc. of 3rd ACM Workshop on Role-Based Access Control. October, 1998.
9. [Jos01a] J. B. D. Joshi, A. Ghafoor, W. Aref, E. H. Spafford. Digital Government Security Infrastructure Design Challenges. IEEE Computer, Vol. 34, No. 2, February 2001, pages 66-72.
10. [Jos01b] J. B. D. Joshi, W. G. Aref, A. Ghafoor and E. H. Spafford. Security models for web-based applications. Communications of the ACM, 44, 2 (Feb. 2001), pages 38-72.
11. th ACM Symposium on Access Control Models and Technologies. Monterey, CA, June 3-4, 2002.
12. [Jos03] J. B. D. Joshi, E. Bertino, A. Ghafoor. Hybrid Temporal Role Hierarchies in GTRBAC. Submitted to ACM Transactions on Information and System Security.
13. [Jos05] J. B. D. Joshi, E. Bertino, U. Latif, A. Ghafoor. Generalized Temporal Role Based Access Control Model. IEEE Transactions on Knowledge and Data Engineering, Vol 17, No. 1 pages 4-23, Jan, 2005.
14. [Liu04] R.W.C. Lui and L.C.K. Hui, A Model for Delegation of Accountability, IASTED International Conference on Software Engineering, SE 2004.
15. [Mof90] J. D. Moffett, Delegation of Authority Using Domain Based Access Rules, PhD Thesis. Dept of Computing, Imperial College, University of London. 1990.
16. [Nag98] N. Nagaratnam, D. Lea, Secure Delegation for Distributed Object Environments, USENIX Conference on Object Oriented Technologies and Systems. April, 1998.
17. [Osb00] S. Osborn, R. Sandhu, Q. Munawer. Configuring Role-based Access Control to Enforce Mandatory and Discretionary Access Control Policies. ACM Transactions on Information and System Security, 3(2):85-106, May 2000.
18. [San96a] R. Sandhu, E. J. Coyne, H. L. Feinstein, C. E. Youman. Role-Based Access Control Models. IEEE Computer 29(2): 38-47, IEEE Press, 1996
19. [San96b] R. Sandhu. Role Hierarchies and Constraints for Lattice-based Access Controls. In E. Bertino, H. Kurth, G. Martella, and E. Montolivo Eds., Computer Security - Esorics'96, LNCS N. 1146, Rome, Italy, 1996, pages 65-79.
20. [San98] R. Sandhu, Role Activation Hierarchies, 3rd ACM Workshop on Role-Bused Access Fairfax VA, 1998.
21. [San99] R. Sandhu, V. Bhamidipati and Q. Munawer, The ARBAC97 Model for Role-Based Administration of Roles, ACM Transactions on Information and System Security, Volume 2, Number 1, February, 1999.
22. [Sha04] B. Shafiq, J. B. D. Joshi, E. Bertino, A. Ghafoor, Secure Interoperation in a Multi-Domain Environment Employing RBAC Policies, Submitted to IEEE Transactions on Knowledge and Data Engineering (2004).
23. [Ste87] L. A. Stein, Delegation Is Inheritance, Proc. Of Object-Oriented Programming Systems, Languages, and Applications (OOPSLA '87). October, 1987.
24. [Tho97] R. K. Thomas. Team Based Access Control (TBAC): A Primitive for Applying Role-based Access Controls in Collaborative Environments. ACM Proceedings of the second ACM workshop on Role-based access control Fairfax., Nov, 1997.
25. [Wai05] J. Wainer, A. Kumar, A Fine-grained, Controllable, User-to-user Delegation Method in RBAC, ACM Symposium on Access Control Models and Technologies, Sweden, Jun 1-3, 2005.
26. [Zha03a] X. Zhang, S. Oh and R. Sandhu, PBDM: A Flexible Delegation Model in RBAC, SACMAT 2003.
27. [Zha03b] L. Zhang, G. Ahn, and B. Chu, A rule-based Framework for Role-Based Delegation, ACM Transactions on Information and Systems Security, Vol 6, No. 3, August 2003, Pages 404-4.