Negotiating and delegating obligations
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
Model-driven adaptive delegation
Proceedings of the 12th annual international conference on Aspect-oriented software development
Policy administration in tag-based authorization
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
Hi-index | 0.00 |
In the field of access control, delegation is an important aspect that is considered part of the administration mechanism. Thus, a comprehensive access control model must provide a flexible administration model to manage delegation and revocation. Unfortunately, to our best knowledge, there is no complete model for describing all delegation requirements for role-based access control. Therefore, proposed models are often extended to support new delegation or revocation characteristics, which is a complex task to manage and requires the redefinition of these models. Moreover, since delegation is modelled separately from administration, this requires the specification of a separate security policy to deal with delegation. In this paper, we describe a new delegation approach for extended role-based access control models. We show that our approach is flexible and is sufficient to deal with administration and delegation requirements in a homogeneous unified framework. Moreover, it provides means to express various delegation and revocation dimensions in a simple manner.