OS-DRAM: a delegation administration model in a decentralized enterprise environment

Authors:
Changwoo Byun;Seog Park;Sejong Oh
Affiliations:
Department of Computer Science, Sogang University, Seoul, South Korea;Department of Computer Science, Sogang University, Seoul, South Korea;Department of Computer Science, Dankook University, Cheonan, South Korea
Venue:
WAIM '06 Proceedings of the 7th international conference on Advances in Web-Age Information Management
Year:
2006

Citing 9
Cited 0

Role-Based Access Control Models

Computer
Formal specification for role based access control user/role and role/role relationship management

RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The ARBAC97 model for role-based administration of roles

ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The NIST model for role-based access control: towards a unified standard

RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A model for role administration using organization structure

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
PBDM: a flexible delegation model in RBAC

Proceedings of the eighth ACM symposium on Access control models and technologies
The ARBAC99 Model for Administration of Roles

ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Organization based access control

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
A rule-based framework for role-based delegation and revocation

ACM Transactions on Information and System Security (TISSEC)

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we propose an effective delegation administration model using the organizational structure. From a user-level delegation point of view, previous delegation models built on the (Administrative) Role-Based Access Control model cannot present the best solution to security problems such as the leakage of information and the abuse of delegation in a decentralized enterprise environment. Thus, we propose a new integrated management model of administration role-based access control model and delegation policy, which is called the OS-DRAM. This defines the authority range in an organizational structure that is separated from role hierarchy and supports a clear criterion for user-level delegation administration. Consequently, the OS-DRAM supports a decentralized user-level delegation policy in which a regular user can freely delegate his/her authority to other users within a security officer's authority range with-out the security officer's intervention.