Towards a logical formalization of responsibility
Proceedings of the 6th international conference on Artificial intelligence and law
Formal Characterizations of Active Databases: Part II
DOOD '97 Proceedings of the 5th International Conference on Deductive and Object-Oriented Databases
Author Obliged to Submit Paper before 4 July: Policies in an Enterprise Specification
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Obligation Monitoring in Policy Management
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
The UCONABC usage control model
ACM Transactions on Information and System Security (TISSEC)
Cassandra: Flexible Trust Management, Applied to Electronic Health Records
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Obligation Policies: An Enforcement Platform
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Communications of the ACM - Privacy and security in highly dynamic systems
On the modeling and analysis of obligations
Proceedings of the 13th ACM conference on Computer and communications security
Modeling contextual security policies
International Journal of Information Security
Consent-Based Workflows for Healthcare Management
POLICY '08 Proceedings of the 2008 IEEE Workshop on Policies for Distributed Systems and Networks
An Extended Role-Based Access Control Model for Delegating Obligations
TrustBus '09 Proceedings of the 6th International Conference on Trust, Privacy and Security in Digital Business
A delegation model for extended RBAC
International Journal of Information Security
Analysis of privacy and security policies
IBM Journal of Research and Development
Hi-index | 0.00 |
In this paper, we describe a security model where users are allowed to control their obligations partially or totally, depending on the security policy. The main motivation of our work is to design more flexible systems that take into account users' requirements in order to avoid obligation violations and therefore sanctions. In our model, users are able to negotiate or delegate their obligations in the case of incapacity to fulfill them. This is an important aspect to be considered, since it is common that, at work or in everyday life, a user may need to negotiate the fulfillment of a given obligation, or also need the help of others to perform a task on his/her behalf. This may be due to several reasons such as absence, vacation, conflict of interest, lack of time, of resource, of competence or simply for the sake of efficiency. In our model, we propose an approach to deal with the negotiation and the delegation of obligations based on the concept of contexts.