Towards a more complete model of role
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
A rule-based framework for role based delegation
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
PBDM: a flexible delegation model in RBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
A Model for Attribute-Based User-Role Assignment
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
| Hi-index | 0.00 |
Delegation constraint of current delegation models is mostly delegation prerequisite conditions. In these models, delegation security fully depends on delegator and security administrator. In many cases, we need a more secured delegation with a strict constraint. This paper proposes an Attribute-Based-Delegation-Model (ABDM) with an extended delegation constraint. The delegation constraint in ABDM includes delegation attribute expression (DAE) and delegation prerequisite conditions. In ABDM, delegatee must satisfy delegation constraint (especially DAE) when assigned to a delegation role. With this delegation constraint, delegator can restrict the candidate of delegatee more strictly. ABDM relieves the security management effort of delegator and security administrator in delegation. ABDM also supports two new types of delegations: decided-delegatee and undecided-delegatee.