Role-Based Access Control Models
Computer
The ARBAC97 model for role-based administration of roles: preliminary description and outline
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
An Oracle implementation of the PRA97 model for permission-role assignment
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
Observations on the role life-cycle in the context of enterprise security management
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
The URA97 Model for Role-Based User-Role Assignment
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
How Role Based Access Control is Implemented in SESAME
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Information Technology and Management
Reference reconciliation in complex information spaces
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Information Sciences: an International Journal
Secure delegation for distributed object environments
COOTS'98 Proceedings of the 4th conference on USENIX Conference on Object-Oriented Technologies and Systems - Volume 4
Using time-stamp to improve the security of a chaotic maps-based key agreement protocol
Information Sciences: an International Journal
Fast S-box security mechanism research based on the polymorphic cipher
Information Sciences: an International Journal
A heterogeneous network access service based on PERMIS and SAML
EuroPKI'05 Proceedings of the Second European conference on Public Key Infrastructure
An extension of secure group communication using key graph
Information Sciences: an International Journal
Information Sciences: an International Journal
An efficient key assignment scheme for access control in a large leaf class hierarchy
Information Sciences: an International Journal
| Hi-index | 0.07 |
User authority delegation is granting or withdrawing access to computer-based information by entities that own and/or control that information. These entities must consider who should be granted access to specific information in the organization and determine reasonable authority delegation. Role Based Access Control (RBAC) delegation management, where user access authority is granted for the minimum resources necessary for users to perform their tasks, is not suitable for the actual working environment of an organization. Currently, RBAC implementations cannot correctly model inheritance and rules for different delegations are in conflict. Further, these systems require that user roles, positions, and information access be continuously and accurately updated, resulting in a manual, error-prone access delegation system. This paper presents a proposal for a new authority delegation model, which allows users to identify their own function-based delegation requirements as the initial input to the RBAC process. The conditions for delegations are identified and functions to implement these delegations are defined. The criteria for basic authority delegation, authentication and constraints are quantified and formulated for evaluation. An analysis of the proposed model is presented showing that this approach both minimizes errors in delegating authority and is more suitable for authority delegation administration in real organizational applications.