Implementation of Role-Based Delegation Model / Flat Roles (RBDM0)

In the information security arena, one of the most interesting and promising techniques proposed is Role-Based Access Control (RBAC). In the last few years, much work has been done in the definition and implementation of RBAC. However, so far the concept of delegation in RBAC has not been studied. The basic idea behind delegation is that some active entity in a system delegates authority to another active entity in order to carry out some functions on behalf of the former. User delegation in RBAC is the ability of one user (called the delegating user) who is a member of the delegated role to authorize another user (called the delegate user) to become a member of the delegated role. This paper extends a series of simple but practically useful models for delegation, described in the literature by Barka and Sandhu [3], and starts the development of a scheme of prototype implementation in order to validate these models. More specifically, this paper reviews the most recent Role-Based Access Control (RBAC) implementations, analyzes the implementation techniques used in other forms of delegation (other than human-to-human delegation), and designs and develops prototype implementations of user-to-user role delegation based on the Role-Based Delegation Models, in flat roles (RBDM0) and in hierarchical roles (RBDM1).

[1] Ravi S. Sandhu, et al. Role-based Administration of User-Role Assignment: The URA97 Model and its Oracle Implementation, 1999, J. Comput. Secur.

[2] David W. Chadwick, et al. The PERMIS X.509 role based privilege management infrastructure, 2002, SACMAT '02.

[3] Morrie Gasser, et al. An architecture for practical delegation in a distributed system, 1990, Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy.

[4] Ravi S. Sandhu, et al. Role-Based Access Control Models, 1996, Computer.

[5] Christoph Meinel, et al. Implement role based access control with attribute certificates, 2004, The 6th International Conference on Advanced Communication Technology, 2004.

[6] Ravi S. Sandhu, et al. Framework for role-based delegation models, 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[7] Martín Abadi, et al. A Calculus for Access Control in Distributed Systems, 1991, CRYPTO.

[8] Gail-Joon Ahn, et al. Role-based access control on the web, 2001, TSEC.

[9] Ravi Sandhu, et al. A Role-Based Delegation Model and Some Extensions, 2000.