OSDM: an organizational supervised delegation model for RBAC

Authors:
Nezar Nassr;Nidal Aboudagga;Eric Steegmans
Affiliations:
Dept. of Computer Science and Engineering, Katholieke Universiteit Leuven, Leuven, Belgium;SecureICT, Belgium;Dept. of Computer Science and Engineering, Katholieke Universiteit Leuven, Leuven, Belgium
Venue:
ISC'12 Proceedings of the 15th international conference on Information Security
Year:
2012

Citing 17
Cited 0

Role-Based Access Control Models

Computer
The uses of role hierarchies in access control

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
An authorization mechanism for a relational database system

ACM Transactions on Database Systems (TODS)
Protection in operating systems

Communications of the ACM
A rule-based framework for role based delegation

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Authorization and Revocation in Object-Oriented Databases

IEEE Transactions on Knowledge and Data Engineering
User Group Structures in Object-Oriented Database Authorization

Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
PBDM: a flexible delegation model in RBAC

Proceedings of the eighth ACM symposium on Access control models and technologies
Framework for role-based delegation models

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
A rule-based framework for role-based delegation and revocation

ACM Transactions on Information and System Security (TISSEC)
Organization Design

Management Science
Decentralized authorization in a database system

VLDB '79 Proceedings of the fifth international conference on Very Large Data Bases - Volume 5
Delegation in role-based access control

International Journal of Information Security
Capability-based delegation model in RBAC

Proceedings of the 15th ACM symposium on Access control models and technologies
A framework for modeling organization structure in role engineering

PARA'04 Proceedings of the 7th international conference on Applied Parallel Computing: state of the Art in Scientific Computing
Delegation in role-based access control

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
ROAC: a role-oriented access control model

WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The dynamic nature of operations in organizations has led to an interest in roles and permissions delegation to enable a seamless continuity of business. Delegation involves assigning a given set of access rights from one user to another. In existing role delegation models, delegation is often authorized and controlled by a relation that specifies who can delegate to whom. The usage of such relations in delegation models has some disadvantages; such as complexity of maintenance, error proneness, inconsistencies and inabilities to define some organizational policies related to delegation. In this paper, we propose a new delegation model that depends on organizational lines of authority to authorize and control delegation. The main advantages of this approach are that it simplifies the management of delegation authorization and complies with organizational behavior. Furthermore, it eliminates inconsistencies related to changes to roles and permissions.