Organization based access control
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Revocation Schemes for Delegated Authorities
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
A rule-based framework for role-based delegation and revocation
ACM Transactions on Information and System Security (TISSEC)
Role-Based Delegation Model/ Hierarchical Roles (RBDM1)
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Flexible and Manageable Delegation of Authority in RBAC
AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 02
Managing Delegation in Access Control Models
ADCOM '07 Proceedings of the 15th International Conference on Advanced Computing and Communications
A Delegation-Based Workflow Access Control Model
ISDPE '07 Proceedings of the The First International Symposium on Data, Privacy, and E-Commerce
Modeling contextual security policies
International Journal of Information Security
An Extended Role-Based Access Control Model for Delegating Obligations
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
An efficient access control based on role attributes in service oriented environments
Proceedings of the 6th International Conference on Ubiquitous Information Management and Communication
Policy administration in tag-based authorization
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
Hi-index | 0.00 |
The paper presents revocation schemes in role-based access control models. We are particularly interested in two key issues: how to perform revocation and how to manage the revocation policy. We show how to deal with these two aspects in the delegation model based on the OrBAC formalism and its administration licence concept. This model provides means to manage several delegation types, such as the delegation or transfer of permissions and roles, multi-step delegation and temporary delegation. We state formally in this paper how to manage the revocation of these delegation schemes. Our model supports a wide spectrum of revocation dimensions such as propagation, dominance, dependency, automatic/user revocation, transfer revocation and role/permission revocation.