A non-timestamped authorization model for data management systems
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
ACM Transactions on Database Systems (TODS)
System R: relational approach to database management
ACM Transactions on Database Systems (TODS)
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
An Extended Authorization Model for Relational Databases
IEEE Transactions on Knowledge and Data Engineering
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Revocation Schemes for Delegated Authorities
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
A rule-based framework for role-based delegation and revocation
ACM Transactions on Information and System Security (TISSEC)
Removing permissions in the flexible authorization framework
ACM Transactions on Database Systems (TODS)
A fine-grained, controllable, user-to-user delegation method in RBAC
Proceedings of the tenth ACM symposium on Access control models and technologies
Formal specification of role-based security policies for clinical information systems
Proceedings of the 2005 ACM symposium on Applied computing
Towards secure information sharing using role-based delegation
Journal of Network and Computer Applications - Special issue: Network and information security: A computational intelligence approach
Revocation Schemes for Delegation Licences
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Protecting Information Sharing in Distributed Collaborative Environment
Advanced Web and NetworkTechnologies, and Applications
Modelling task delegation for human-centric eGovernment workflows
Proceedings of the 10th Annual International Conference on Digital Government Research: Social Networks: Making Connections between Citizens, Data and Government
A Lightweight Delegated Privileges Revocation Scheme Based on Coding
Proceedings of the 2005 conference on Applied Public Key Infrastructure: 4th International Workshop: IWAP 2005
Delegating revocations and authorizations in collaborative business environments
Information Systems Frontiers
Collaboration for human-centric eGovernment workflows
WISE'07 Proceedings of the 2007 international conference on Web information systems engineering
Delegating revocations and authorizations
BPM'07 Proceedings of the 2007 international conference on Business process management
A model for distribution and revocation of certificates
ICGT'10 Proceedings of the 5th international conference on Graph transformations
Dynamics in delegation and revocation schemes: a logical approach
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Revocation scheme for PMI based upon the tracing of certificates chains
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part IV
Delegation in role-based access control
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Secure and efficient information sharing in multi-university E-Learning environments
ICWL'07 Proceedings of the 6th international conference on Advances in web based learning
Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL
Information and Software Technology
| Hi-index | 0.00 |
Abstract: In an ownership-based framework for access control, with the possibility of granting access and administrative rights, chains of granted accesses will form. This is a comprehensive study of the problem of revoking such rights, and on the impact different revocation schemes may have on the chains. Three main revocation characteristics are identified: the extent of the revocation to other grantees (propagation), the effect on other grants to the same grantee (dominance), and the permanence of the negation of rights (resilience). A classification is devised using these three dimensions. The different schemes thus obtained are described, and compared to other models from the literature.