Role-Based Access Control Models
Computer
Towards a more complete model of role
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
ACM Transactions on Database Systems (TODS)
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
Complexity and expressive power of logic programming
ACM Computing Surveys (CSUR)
An authorization model for temporal and derived data: securing information portals
ACM Transactions on Information and System Security (TISSEC)
A model of OASIS role-based access control and its support for active security
ACM Transactions on Information and System Security (TISSEC)
Resolving Conflicts in Authorization Delegations
ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
PBDM: a flexible delegation model in RBAC
Proceedings of the eighth ACM symposium on Access control models and technologies
The ARBAC99 Model for Administration of Roles
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
A rule-based framework for role-based delegation and revocation
ACM Transactions on Information and System Security (TISSEC)
Role-based cascaded delegation
Proceedings of the ninth ACM symposium on Access control models and technologies
Fidelis: a policy-driven trust management framework
iTrust'03 Proceedings of the 1st international conference on Trust management
Fine-grained role-based delegation in presence of the hybrid role hierarchy
Proceedings of the eleventh ACM symposium on Access control models and technologies
Delegation in the role graph model
Proceedings of the eleventh ACM symposium on Access control models and technologies
RBAC administration in distributed systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Commitment issues in delegation process
AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
On the Security of Delegation in Access Control Systems
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Graph-based delegation authorization in workflow
CCDC'09 Proceedings of the 21st annual international conference on Chinese control and decision conference
Refinement for administrative policies
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Capability-based delegation model in RBAC
Proceedings of the 15th ACM symposium on Access control models and technologies
IBM Journal of Research and Development
Intrusion-tolerant fine-grained authorization for Internet applications
Journal of Systems Architecture: the EUROMICRO Journal
Greedy algorithm for least privilege in RBAC model
COCOA'11 Proceedings of the 5th international conference on Combinatorial optimization and applications
Discretionary capability confinement
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Delegation in role-based access control
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL
Information and Software Technology
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
A model for trust-based access control and delegation in mobile clouds
DBSec'13 Proceedings of the 27th international conference on Data and Applications Security and Privacy XXVII
| Hi-index | 0.00 |
This paper addresses the issues surrounding user-to-user delegation in RBAC. We show how delegations can be incorporated into the RBAC model in a simple and straightforward manner. A special feature of the model is that it allows fine-grained control over what rights a user wishes to delegate as opposed to delegation at the role level where all the rights of a role must be delegated. In addition, the model provides a rich set of controls regarding further delegations of a right, generic constraints that further control delegations, and an innovative model for revocations. Properties of both delegation and revocation are discussed, and our work is compared with other related research.