A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
A non-timestamped authorization model for data management systems
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
Rationale for the RBAC96 family of access control models
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Supporting relationships in access control using role based access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
ACM Transactions on Database Systems (TODS)
A role-based delegation framework for healthcare information systems
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
XSLT Programmer's Reference
WISE '02 Proceedings of the 3rd International Conference on Web Information Systems Engineering
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
ADC '03 Proceedings of the 14th Australasian database conference - Volume 17
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Revocation Schemes for Delegated Authorities
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
A Consumer Scalable Anonymity Payment Scheme with Role-Based Access Control
WISE '01 Proceedings of the Second International Conference on Web Information Systems Engineering (WISE'01) Volume 1 - Volume 1
A rule-based framework for role-based delegation and revocation
ACM Transactions on Information and System Security (TISSEC)
A Global Ticket-Based Access Scheme for Mobile Users
Information Systems Frontiers
A Role-Based Framework for Business Process Modeling
HICSS '05 Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences (HICSS'05) - Track 1 - Volume 01
A Flexible Payment Scheme and Its Role-Based Access Control
IEEE Transactions on Knowledge and Data Engineering
A framework for role-based group deligation in distributed environments
ACSC '06 Proceedings of the 29th Australasian Computer Science Conference - Volume 48
Access Control and Authorization Constraints for WS-BPEL
ICWS '06 Proceedings of the IEEE International Conference on Web Services
Access control in collaborative commerce
Decision Support Systems
Version management in the business process change context
BPM'07 Proceedings of the 5th international conference on Business process management
Achieving secure and flexible M-services through tickets
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Understanding motivations for Internet use in distance education
IEEE Transactions on Education
Hi-index | 0.00 |
Efficient collaboration allows organizations and individuals to improve the efficiency and quality of their business activities. Delegations, as a signif icant approach, may occur as workflow collabora tions, supply chain collaborations, or collaborative commerce. Role-based delegation models have been used as flexible and efficient access management for collaborative business environments. Delegation revocations can provide significant functionalities for the models in business environments when the delegated roles or permissions are required to get back. However, problems may arise in the revocation process when one user delegates user U a role and another user delegates U a negative authorization of the role. This paper aims to analyse various role-based delegation revocation features through examples. Revocations are categorized in four dimensions: Dependency, Resilience, Propagation and Dominance. According to these dimensions, sixteen types of revocations exist for specific requests in collaborative business environments: DependentWeakLocalDelete, Dependent WeakLocalNegative, DependentWeakGlobalDelete, DependentWeakGlobalNegative, IndependentWeak LocalDelete, IndependentWeakLocalNegative, Inde pendentWeakGlobalDelete, IndependentWeakGlobal Negative, and so on. We present revocation delegating models, and then discuss user delegation authorization and the impact of revocation operations. Finally, comparisons with other related work are discussed.