论文信息 - Access Control Model and Design for Delegation Using Authorization Tokens

Access Control Model and Design for Delegation Using Authorization Tokens

Delegation of authority is an act whereby an entity delegates his or her authority to use personal information to another entity. It has most often been implemented in enterprise environments, but previous studies have focused little on the dynamic data and access management model or the design from a practical viewpoint. An access control model and its design framework is described in which access tokens are used across security domains. The framework enables fine-grained access control with limited overhead for access management and permission assignment for delegated access.

Hidehito Gomi | Hidehito Gomi

[1] Jeff Hodges,et al. Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V2. 0 , 2001 .

[2] Akira Matsushita,et al. Capability-based delegation model in RBAC , 2010, SACMAT '10.

[3] Ravi S. Sandhu,et al. Framework for role-based delegation models , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[4] Elisa Bertino,et al. Fine-grained role-based delegation in presence of the hybrid role hierarchy , 2006, SACMAT '06.

[5] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.

[6] Laurent Bussard,et al. Delegation of access rights in multi-domain service compositions , 2009 .

[7] John T. Kohl,et al. The Kerberos Network Authentication Service (V5 , 2004 .

[8] Akhil Kumar,et al. A fine-grained, controllable, user-to-user delegation method in RBAC , 2005, SACMAT '05.

[9] Butler W. Lampson,et al. SPKI Certificate Theory , 1999, RFC.

[10] Joan Feigenbaum,et al. Delegation logic: A logic-based approach to distributed authorization , 2003, TSEC.

[11] Roshan K. Thomas,et al. Models for coalition-based access control (CBAC) , 2002, SACMAT '02.

[12] Ravi S. Sandhu,et al. PBDM: a flexible delegation model in RBAC , 2003, SACMAT '03.