Role-Based Delegation Model/Hierarchical Roles (RBDM1)

Ezedin Barka, Ravi Sandhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

71 Citations (Scopus)


The basic idea behind delegation is that some active entity in a system delegates authority to another active entity in order to carry out some functions on behalf of the former. User delegation in RBAC is the ability of one user (called the delegating user) who is a member of the delegated role to authorize another user (called the delegate user) to become a member of the delegated role. This paper introduces a new model, which we consider it to be an extension of RBDMO [BS2000]. The central contribution of this paper is to introduce a new model, referred to as RBDM1 (Role-Based Delegation Model/ Hierarchical Roles), that uses the details from RBDMO, which was described in the literature by barka and Sandhu [BS2000] to address the temporary delegation based on hierarchical roles. We formally defined a role-based delegation model based on hierarchical relationship between the roles involved. We also identified the different semantics that impact the can-delegate relation, we analyzed these semantics to determine which ones we consider as more appropriate in business today, thus allowed in our model, and provided a justification to why those selections are made

Original languageEnglish
Title of host publicationProceedings - 20th Annual Computer Security Applications Conference, ACSAC 2004
Number of pages9
Publication statusPublished - 2004
Event20th Annual Computer Security Applications Conference, ACSAC 2004 - Tucson, AZ, United States
Duration: Dec 6 2004Dec 10 2004

Publication series

NameProceedings - Annual Computer Security Applications Conference, ACSAC
ISSN (Print)1063-9527


Other20th Annual Computer Security Applications Conference, ACSAC 2004
Country/TerritoryUnited States
CityTucson, AZ

ASJC Scopus subject areas

  • Software
  • General Engineering


Dive into the research topics of 'Role-Based Delegation Model/Hierarchical Roles (RBDM1)'. Together they form a unique fingerprint.

Cite this