X-RDR: a role-based delegation processor for web-based information systems

Authors:
Shihyu Chou;Eric Jui-Lin Lu;Yi-Hui Chen
Affiliations:
Chung Hsing University, Taichung, Taiwan;Chaoyang University of Technology;Chaoyang University of Technology
Venue:
ACM SIGOPS Operating Systems Review
Year:
2005

Citing 18
Cited 0

Role-Based Access Control Models

Computer
Modern WISs

Communications of the ACM
Analysis and design of Web-based information systems

Selected papers from the sixth international conference on World Wide Web
Design and implementation of an access control processor for XML documents

Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
A rule-based framework for role based delegation

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A fine-grained access control system for XML documents

ACM Transactions on Information and System Security (TISSEC)
ACM SIGAda Ada Letters

ACM SIGAda Ada Letters
Specifying and enforcing access control policies for XML document sources

World Wide Web
Securing XML Documents with Author-X

IEEE Internet Computing
Controlling Access to XML Documents

IEEE Internet Computing
XML-Based Distributed Access Control System

EC-WEB '02 Proceedings of the Third International Conference on E-Commerce and Web Technologies
The PERMIS X.509 role based privilege management infrastructure

Future Generation Computer Systems - Special section: Selected papers from the TERENA networking conference 2002
PBDM: a flexible delegation model in RBAC

Proceedings of the eighth ACM symposium on Access control models and technologies
Framework for role-based delegation models

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Integrating PMI services in CORBA applications

Computer Standards & Interfaces - CORBA: protocols, applications, process models and standards
A rule-based framework for role-based delegation and revocation

ACM Transactions on Information and System Security (TISSEC)
Applying the Semantic Web Layers to Access Control

DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
Design and implementation of a fine-grained menu control processor for web-based information systems

Future Generation Computer Systems - Selected papers on theoretical and computational aspects of structural dynamical systems in linear algebra and control

Quantified Score

Hi-index	0.00

Visualization

Abstract

Although Web-based information systems (WISs) have been widely used by enterprises to accomplish business tasks through the Internet, there is little research on designing a flexible access control and delegation model for WISs. In this paper, we design a user-to-user and role-to-role delegation model (called X-RDR model) for WISs. The authorization and delegation policies are encoded in XML and the granularity of control can be as small as a text-field or button. Additionally, the proposed model supports single-step delegation, multi-step delegation, multiple delegation, partial delegation, separation of duties, and cascading revocation. A prototype was also implemented to demonstrate the feasibility of the proposed model.