Towards secure information sharing using role-based delegation

Journal of Network and Computer Applications

Volumn 30, Issue 1, 2007, Pages 42-59

  Ahn, Gail Joon ^a   Mohan, Badrinath ^a   Hong, Seng Phil ^b  

^a UNIVERSITY OF NORTH CAROLINA AT CHARLOTTE   (United States)

^b Korea Advanced Institute of Science and Technology (KAIST)   (South Korea)

Author keywords

Delegation; Information sharing; Role based

Indexed keywords

COMPUTATION THEORY; COMPUTER ARCHITECTURE; RESOURCE ALLOCATION; RISK ASSESSMENT; STRATEGIC PLANNING;

AUTHORIZED PERSONNEL; DELEGATION FRAMEWORK; DIGITAL INFORMATION; INFORMATION SHARING;

INFORMATION DISSEMINATION;

EID: 33750534177     PISSN: 10848045     EISSN: 10958592     Source Type: Journal    
DOI: 10.1016/j.jnca.2005.08.004     Document Type: Article

References (24)

1. Abadi M., Burrows M., Lampson B., and Plotkin G. A calculus for access control in distributed systems. ACM Trans Programming Languages Systems 15 4 (1993) 706-734
2. Ahn G-J, Sandhu R. Role-based authorization constraints specification. ACM Trans Inf System Security 2003;3(4):207-26.
3. Ahn G-J, Zhang L, Shin D, Chu B. Authorization management for role-based collaboration. In: IEEE international conference on system, man and cybernetic (SMC2003); Washington, DC, October 2003. p. 4128-214.
4. Barka E, Sandhu R. A role-based delegation model and some extensions. In: Proceedings of the 16th annual computer security application conference; Sheraton, New Orleans. December 11-15, 2000a.
5. Barka E, Sandhu R. Framework for role-based delegation model. In: Proceedings of the 23rd national information systems security conference; Baltimore, MD, October 16-19, 2000b. p. 101-14.
6. Bertino E., Ferrari E., and Atluri V. The specification and enforcement of authorization constraints in workflow management systems. ACM Trans Inf System Security 2 1 (1999) 65-104
7. Bertino E., Jajodia S., and Samarati P. A flexible authorization mechanism for relational data management systems. ACM Trans Inf Systems 17 2 (1999) 101-140
8. Blaze M., Feigenbaum J., and Lacy J. Decentralized trust management. Proceedings of the 1996 IEEE symposium on security and privacy (May 1996) 164-173
9. Candea G., and Fox A. Using dynamic mediation to integrate COTS entities in a ubiquitous computing environment. Proceedings of the second international symposium on handheld and ubiquitous computing (2000)
10. Ferraiolo D.F., Barkley J.F., and Kuhn D.R. A role based access control model and reference implementation within a corporate intranet. ACM Trans Inf System Security 2 1 (1999)
11. Gasser M, McDermott E. An architecture for practical delegation in a distributed system. In: Proceedings of the IEEE computer society symposium on research in security and privacy; Oakland, CA, May 7-9, 1990.
12. Godo L., Puyol-Gruart J., Sabater J., Torra V., Barrufet P., and Fàbregas X. A multi-agent system approach for monitoring the prescription of restricted use of antibiotics. Artif Intell Med 27 3 (2003) 259-282
13. Goldberg I., Gribble S.D., Wagner D., and Brewer E.A. The Ninja jukebox. Proceedings of the second USENIX symposium on internet technologies and systems (USITS-99) (1999)
14. Gribble, SD, et al. The Ninja architecture for robust Internet-scale systems and services. Comput Networks 2001.
15. Hagstrom A, Jajodia S, Presicce FP, Wijesekera D. Revocations-a classification. In: Proceedings of the 14th IEEE computer security foundations workshop; Nova Scotia, Canada, June 2001. p. 44-58.
16. Kagal L, Finin T, Joshi A. Trust-based security in pervasive computing environments. IEEE Comput 2001. p. 2-5.
17. Lupu E., and Sloman M. A policy based role object model. Proceedings of the first IEEE international enterprise distributed object computing workshop (EDOC'97) (1997)
18. Myers BA, Stiel H, Gargiulo R. Collaboration using multiple PDAs connected to a PC. In: Proceedings of the CSCW'98: ACM conference on computer-supported cooperative work; Seattle, WA, November 14-18, 1998. p. 285-294.
19. The Pittsburgh Pebbles PDA Project. Available at www.cs.cmu.edu/∼pebbles; 2004
20. Sandhu R.S., Coyne E.J., Feinstein H.L., and Youman C.E. Role-based access control models. IEEE Comput 29 2 (1996) 38-47
21. Sandhu R., Bhamidipati V., and Munawer Q. The ARBAC97 model for role-based administration of roles. ACM Trans Inf System Security 2 1 (1999)
22. Shin D, Ahn G-J, Cho S. Role-based EAM using X.509 attribute certificate. In: Proceedings of the sixteenth annual IFIP WG 11.3 working conference on data and application security; King's College, University of Cambridge, UK, July 29-31, 2002. p. 285-94.
23. Zhang L, Ahn G-J, Chu B. A rule-based framework for role-based delegation and revocation. ACM Trans Inf System Security 2003;6(3):404-41.
24. ITU-T Recommendation X.509. Information technology: open systems interconnection-the directory: public-key and attribute certificate frameworks, ISO/IEC 9594-8, 2001.