Framework for role-based delegation models

The basic idea behind delegation is that some active entity in a system delegates authority to another active entity to carry out some functions on behalf of the former. Delegation in computer systems can take many forms: human to human, human to machine, machine to machine, and perhaps even machine to human. We focuses on the human to human form of delegation using roles. As we show, there are many different ways in which role-based human-to-human delegation can occur. We develop a framework for identifying interesting cases that can be used for building role-based delegation models. This is accomplished by identifying the characteristics related to delegation, using these characteristics to generate possible delegation cases, and using a systematic approach to reduce the large number of cases into few useful cases which can be used to build delegation models.

[1]  SandhuRavi,et al.  Role-based administration of user-role assignment: The URA97 model and its Oracle implementation , 1999 .

[2]  Ravi S. Sandhu,et al.  Rationale for the RBAC96 family of access control models , 1996, RBAC '95.

[3]  D. Richard Kuhn,et al.  Role-Based Access Control ( RBAC ) : Features and Motivations , 2014 .

[4]  Ravi Sandhu,et al.  A Role-Based Delegation Model and Some Extensions , 2000 .

[5]  Morrie Gasser,et al.  An architecture for practical delegation in a distributed system , 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[6]  B. R. Badrinath,et al.  in Distributed Systems , 1991 .

[7]  Henry M. Gladney,et al.  Access control for large collections , 1997, TOIS.

[8]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[9]  Vijay Varadharajan,et al.  An analysis of the proxy problem in distributed systems , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[10]  Martín Abadi,et al.  A calculus for access control in distributed systems , 1991, TOPL.

[11]  Ravi S. Sandhu The typed access matrix model , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[12]  Jeffrey D. Ullman,et al.  Protection in operating systems , 1976, CACM.

[13]  David R. Kuhn,et al.  Role-Based Access Control (RBAC): Features and Motivations | NIST , 1995 .