A rule-based language with functions and sets
ACM Transactions on Database Systems (TODS)
Authentication in distributed systems: theory and practice
ACM Transactions on Computer Systems (TOCS)
A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Role-Based Access Control Models
Computer
Access control for large collections
ACM Transactions on Information Systems (TOIS)
Rationale for the RBAC96 family of access control models
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
A rule-based framework for role based delegation
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A model of OASIS role-based access control and its support for active security
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
A role-based delegation framework for healthcare information systems
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Advanced ColdFusion 4 Application Development with CDROM
Advanced ColdFusion 4 Application Development with CDROM
Certified ColdFusion Developer Study Guide
Certified ColdFusion Developer Study Guide
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
A Logic-based Knowledge Representation for Authorization with Delegation
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Decentralized Trust Management
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A Practically Implementable and Tractable Delegation Logic
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
A composite rbac approach for large, complex organizations
Proceedings of the ninth ACM symposium on Access control models and technologies
X-RDR: a role-based delegation processor for web-based information systems
ACM SIGOPS Operating Systems Review
Access control in collaborative systems
ACM Computing Surveys (CSUR)
A fine-grained, controllable, user-to-user delegation method in RBAC
Proceedings of the tenth ACM symposium on Access control models and technologies
Formal specification of role-based security policies for clinical information systems
Proceedings of the 2005 ACM symposium on Applied computing
Fine-grained role-based delegation in presence of the hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
Delegation in the role graph model
Proceedings of the eleventh ACM symposium on Access control models and technologies
Towards secure information sharing using role-based delegation
Journal of Network and Computer Applications - Special issue: Network and information security: A computational intelligence approach
RBAC administration in distributed systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Commitment issues in delegation process
AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
On the Security of Delegation in Access Control Systems
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Towards the development of privacy-aware systems
Information and Software Technology
Revocation Schemes for Delegation Licences
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Research on Dynamic Delegation Model
WI-IAT '08 Proceedings of the 2008 IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology - Volume 03
International Journal of Computer Integrated Manufacturing
Modelling task delegation for human-centric eGovernment workflows
Proceedings of the 10th Annual International Conference on Digital Government Research: Social Networks: Making Connections between Citizens, Data and Government
Delegating revocations and authorizations in collaborative business environments
Information Systems Frontiers
A flexible delegation processor for web-based information systems
Computer Standards & Interfaces
A Mechanism for Identity Delegation at Authentication Level
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Injecting a permission-based delegation model to secure web-based workflow systems
ISI'09 Proceedings of the 2009 IEEE international conference on Intelligence and security informatics
Refinement for administrative policies
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Collaboration for human-centric eGovernment workflows
WISE'07 Proceedings of the 2007 international conference on Web information systems engineering
Delegating revocations and authorizations
BPM'07 Proceedings of the 2007 international conference on Business process management
Apply measurable risk to strengthen security of a role-based delegation supporting workflow system
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
A persistent data tracking mechanism for user-centric identity governance
Identity in the Information Society
Detection of anomalous insiders in collaborative environments via relational analysis of access logs
Proceedings of the first ACM conference on Data and application security and privacy
xDAuth: a scalable and lightweight framework for cross domain access control and delegation
Proceedings of the 16th ACM symposium on Access control models and technologies
Delegation in a distributed healthcare context: a survey of current approaches
ISC'06 Proceedings of the 9th international conference on Information Security
OS-DRAM: a delegation administration model in a decentralized enterprise environment
WAIM '06 Proceedings of the 7th international conference on Advances in Web-Age Information Management
XML-Based revocation and delegation in a distributed environment
EDBT'04 Proceedings of the 2004 international conference on Current Trends in Database Technology
A task-oriented access control model for WfMS
ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience
Delegation in role-based access control
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
ShareEnabler: policy-driven access management for ad-hoc collaborative sharing
EDBT'06 Proceedings of the 2006 international conference on Current Trends in Database Technology
International Journal of Information Management: The Journal for Information Professionals
Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL
Information and Software Technology
OSDM: an organizational supervised delegation model for RBAC
ISC'12 Proceedings of the 15th international conference on Information Security
A model for trust-based access control and delegation in mobile clouds
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Analysis of TRBAC with dynamic temporal role hierarchies
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
Mining Deviations from Patient Care Pathways via Electronic Medical Record System Audits
ACM Transactions on Management Information Systems (TMIS) - Special Issue on Informatics for Smart Health and Wellbeing
Policy-driven role-based access management for ad-hoc collaboration
Journal of Computer Security
| Hi-index | 0.00 |
Delegation is the process whereby an active entity in a distributed environment authorizes another entity to access resources. In today's distributed systems, a user often needs to act on another user's behalf with some subset of his/her rights. Most systems have attempted to resolve such delegation requirements with ad-hoc mechanisms by compromising existing disorganized policies or simply attaching additional components to their applications. Still, there is a strong need in the large, distributed systems for a mechanism that provides effective privilege delegation and revocation management. This paper describes a rule-based framework for role-based delegation and revocation. The basic idea behind a role-based delegation is that users themselves may delegate role authorities to others to carry out some functions authorized to the former. We present a role-based delegation model called RDM2000 (role-based delegation model 2000) supporting hierarchical roles and multistep delegation. Different approaches for delegation and revocation are explored. A rule-based language for specifying and enforcing policies on RDM2000 is proposed. We describe a proof-of-concept prototype implementation of RDM2000 to demonstrate the feasibility of the proposed framework and provide secure protocols for managing delegations. The prototype is a web-based application for law enforcement agencies allowing reliable delegation and revocation. The future directions are also discussed.