TY - GEN
T1 - Role-Based Delegation Model/Hierarchical Roles (RBDM1)
AU - Barka, Ezedin
AU - Sandhu, Ravi
PY - 2004
Y1 - 2004
N2 - The basic idea behind delegation is that some active entity in a system delegates authority to another active entity in order to carry out some functions on behalf of the former. User delegation in RBAC is the ability of one user (called the delegating user) who is a member of the delegated role to authorize another user (called the delegate user) to become a member of the delegated role. This paper introduces a new model, which we consider it to be an extension of RBDMO [BS2000]. The central contribution of this paper is to introduce a new model, referred to as RBDM1 (Role-Based Delegation Model/ Hierarchical Roles), that uses the details from RBDMO, which was described in the literature by barka and Sandhu [BS2000] to address the temporary delegation based on hierarchical roles. We formally defined a role-based delegation model based on hierarchical relationship between the roles involved. We also identified the different semantics that impact the can-delegate relation, we analyzed these semantics to determine which ones we consider as more appropriate in business today, thus allowed in our model, and provided a justification to why those selections are made
AB - The basic idea behind delegation is that some active entity in a system delegates authority to another active entity in order to carry out some functions on behalf of the former. User delegation in RBAC is the ability of one user (called the delegating user) who is a member of the delegated role to authorize another user (called the delegate user) to become a member of the delegated role. This paper introduces a new model, which we consider it to be an extension of RBDMO [BS2000]. The central contribution of this paper is to introduce a new model, referred to as RBDM1 (Role-Based Delegation Model/ Hierarchical Roles), that uses the details from RBDMO, which was described in the literature by barka and Sandhu [BS2000] to address the temporary delegation based on hierarchical roles. We formally defined a role-based delegation model based on hierarchical relationship between the roles involved. We also identified the different semantics that impact the can-delegate relation, we analyzed these semantics to determine which ones we consider as more appropriate in business today, thus allowed in our model, and provided a justification to why those selections are made
UR - http://www.scopus.com/inward/record.url?scp=21644471547&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=21644471547&partnerID=8YFLogxK
U2 - 10.1109/CSAC.2004.31
DO - 10.1109/CSAC.2004.31
M3 - Conference contribution
AN - SCOPUS:21644471547
SN - 0769522521
T3 - Proceedings - Annual Computer Security Applications Conference, ACSAC
SP - 396
EP - 404
BT - Proceedings - 20th Annual Computer Security Applications Conference, ACSAC 2004
T2 - 20th Annual Computer Security Applications Conference, ACSAC 2004
Y2 - 6 December 2004 through 10 December 2004
ER -