A Role-Based Delegation Model and Some Extensions
نویسندگان
چکیده
In Role-based Access control (RBAC) permissions are associated with roles and users are made members of roles thereby acquiring the associated permissions. User delegation in RBAC is the ability of one user (called the delegating user) who is a member of the delegated role to authorize another user (called the delegate user) to become a member of the delegated role. This paper proposes a simple but practically useful model for delegation called RBDM0 (role-based delegation model zero). The paper also explores some extensions to RBDM0 including issues of revocation, partial delegation, multiple step delegation, and delegation with hierarchical roles.
منابع مشابه
A Petri-net based modeling tool, for analysis and evaluation of computer systems
Petri net is one of the most popular methods in modeling and evaluation of concurrent and event-based systems. Different tools have been created to support modeling and simulation of different extensions of Petri net in different applications. Each tool supports some extensions and some features. In this work a Petri net based modeling and evaluation tool is presented that not only supports dif...
متن کاملPrivacy Preserving Dynamic Access Control Model with Access Delegation for eHealth
eHealth is the concept of using the stored digital data to achieve clinical, educational, and administrative goals and meet the needs of patients, experts, and medical care providers. Expansion of the utilization of information technology and in particular, the Internet of Things (IoT) in eHealth, raises various challenges, where the most important one is security and access control. In this re...
متن کاملDetecting Conflicts in a Role-Based Delegation Model
The RBAC96 access control model has been the basis for extensive work on role-based constraint specification and role-based delegation. However, these practical extensions can also lead to conflicts at compile and run-time. We demonstrate, following a rule-based, declarative approach, how conflicts between specified Separation of Duty constraints and delegation activities can be detected. This ...
متن کاملFramework for Role-based Delegation Models
FRAMEWORK FOR ROLE-BASED DELEGATION MODELS Ezedin S. Barka, Ph.D. George Mason University, 2002 Dissertation Director: Dr. Ravi S. Sandhu The basic idea behind delegation is that some active entity in a system delegates authority to another active entity in order to carry out some functions on behalf of the former. Delegation can take many forms: human to human, human to machine, machine to mac...
متن کاملA Flexible Role-Based Delegation Model with Dynamic Delegation Role Structure
As information systems became widely used by organizations and enterprises, resource sharing and collaboration of work have been pervasive. As a natural way to realize this, delegation has become the routine rather than the exception. However, traditional delegation models have encountered various issues in meeting the growing and diverse requirements. Some of them fail to provide sufficient de...
متن کامل