Author Obliged to Submit Paper before 4 July: Policies in an Enterprise Specification
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Obligation Monitoring in Policy Management
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Nomad: A Security Model with Non Atomic Actions and Deadlines
CSFW '05 Proceedings of the 18th IEEE workshop on Computer Security Foundations
Obligation Policies: An Enforcement Platform
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Communications of the ACM - Privacy and security in highly dynamic systems
Modeling conversation policies using permissions and obligations
Autonomous Agents and Multi-Agent Systems
High Level Conflict Management Strategies in Advanced Access Control Models
Electronic Notes in Theoretical Computer Science (ENTCS)
Modeling contextual security policies
International Journal of Information Security
Revocation Schemes for Delegation Licences
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Negotiating and delegating obligations
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
Formal enforcement and management of obligation policies
Data & Knowledge Engineering
Formal specification and management of security policies with collective group obligations
Journal of Computer Security
Hi-index | 0.00 |
The main aim of access control models is to provide means to simplify the management of the security policy, which is a fastidious and error-prone task. Supporting delegation is considered as an important mean to decentralize the administration and therefore to allow security policy to be more flexible and easier to manipulate. Our main contribution is the proposition of a unified model to the administration and delegation of obligations. Managing such delegations implies more requirements than managing traditional privileges delegation. In fact, delegating obligations may include two interpretations: the delegation of the obligation and the delegation of the responsibility related to this obligation. Therefore, it is important to deal with these two notions separately. Moreover, since delegating an obligation involves the delegation of sanctions, then the consent of the user who receives this delegation may be required in some cases. We address in this paper these requirements and we propose a formalism to deal with them.