Role Delegation for a Distributed, Unified RBAC/MAC*

The day-today operations of corporations and government agencies rely on inter-operating legacy, COTs, databases, clients, servers, etc., which are brought together into a distributed environment running middleware (e.g., CORBA, JINI, DCOM, etc.). Both access control and security assurance within these distributed applications is paramount. Of particular concern is the delegation of authority, where an authorized individual (not the security officer) may delegate all or part of his/her authority to another individual, increasing security risk. The ability of an authorized individual to operate in a manner akin to a security officer, without oversight, must be carefully considered. This paper explores the definition and inclusion of role delegation into an existing distributed, unified role-based/mandatory access-control (RBAC/MAC) security model and enforcement framework. The RBAC/MAC model/framework controls access to software APIs to limit, by role, which users (clients) can access which parts of APIs, constrained by time, classification, and data values. This paper uses the RBAC/MAC model/enforcement framework as a context for a detailed examination of role delegation, including: the general characteristics of role delegation; the incorporation of role-delegation into the RBAC/MAC security model; and, the impact of role delegation on security assurance at design and run times.