Proceedings Article10.1145/775412.775431
PBDM: a flexible delegation model in RBAC
Xinwen Zhang,Sejong Oh,Ravi Sandhu +2 more
- 02 Jun 2003
- pp 149-157
236
TL;DR: This paper proposes a flexible delegation model named Permission-based Delegation Model (PBDM), which is built on the well known RBAC96 model, and supports both role and permission level delegation, which provides great flexibility in authority management.
read more
Abstract: Role-based access control (RBAC) is recognized as an efficient access control model for large organizations. Most organizations have some business rules related to access control policy. Delegation of authority is among these rules. RBDM0 and RDM2000 models are recently published models for role-based delegation. They deal with user-to-user delegation. The unit of delegation in them is a role. But in many cases users may want to delegate a piece of permission from a role. This paper proposes a flexible delegation model named Permission-based Delegation Model (PBDM), which is built on the well known RBAC96 model. PBDM supports user-to-user and role-to-role delegations with features of multi-step delegation and multi-option revocation. It also supports both role and permission level delegation, which provides great flexibility in authority management. In PBDM, a security administrator specify the permissions that a user (delegator) has authority to delegate to others (delegatee), then the delegator creates one or more temporary delegation roles and assigns delegatees to particular roles. This gives us clear separation of security administration and delegation.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
•Posted Content
Scalable Role-based Access Control Using The EOS Blockchain.
TL;DR: This research proposes a scalable, flexible and auditable RBAC system using the EOS blockchain platform to meet the security requirements of organizations and shows that it outperforms existing blockchain platforms in terms of cost, latency, block generation time, contract execution time and throughput.
On a taxonomy of delegation
Quan Pham,Jason Reid,Adrian McCullagh,Ed Dawson +3 more
- 01 Jul 2010
TL;DR: This article presents a set of taxonomic criteria relevant to the concept of delegation and applies the taxonomy to a selection of significant delegation models published in the literature.
Delegation-Based Security Model for Web Services
Wei She,Bhavani Thuraisingham,I-Ling Yen +2 more
- 14 Nov 2007
TL;DR: This paper extends the basic security models and supports flexible delegation and evaluation-based access control and proposes a delegation-based security model to address all these issues.
20
Security analysis for temporal role based access control
Emre Uzun,Vijayalakshmi Atluri,Jaideep Vaidya,Shamik Sural,Anna Lisa Ferrara,Gennaro Parlato,P. Madhusudan +6 more
TL;DR: This paper proposes a suitable administrative model that governs changes to temporal policies of the Temporal RBAC, one of the extensions of Role Based Access Control, and proposes a security analysis strategy, that essentially decomposes the temporal security analysis problem into smaller and more manageable RBAC security analysis sub-problems.
Research on Usage Control Model with Delegation Characteristics Based on OM-AM Methodology
Zhiyong Zhang,Lin Yang,Qingqi Pei,Jianfeng Ma +3 more
- 18 Sep 2007
TL;DR: UCOND is an extension model of UCONABC in the aspect of delegation authorization, and it resolves the delegation question of Usage Control Model and specifies delegation procedure of an application for Digital Medium Resource Distribution System.
19
References
Role-based access control models
TL;DR: Why RBAC is receiving renewed attention as a method of security administration and review is explained, a framework of four reference models developed to better understandRBAC is described, and the use of RBAC to manage itself is discussed.
6.1K
The ARBAC97 model for role-based administration of roles
TL;DR: The motivation, intuition, and formal definition of a new role-based model for RBAC administration is described for the first time and this model is called ARBAC97 (administrative RBAC '97) and has three components: URA97 (user-role assignment '97), RPA97 (permission-role assignments '97, and RRA97) dealing with different aspects ofRBAC administration.
Framework for role-based delegation models
Ezedin Barka,Ravi Sandhu +1 more
- 11 Dec 2000
TL;DR: This work develops a framework for identifying interesting cases that can be used for building role-based delegation models by identifying the characteristics related to delegation, using these characteristics to generate possible delegation cases, and using a systematic approach to reduce the large number of cases into few useful cases.
A Role-Based Delegation Model and Some Extensions
Ezedin Barka,Ravi Sandhu +1 more
- 01 Jan 2000
TL;DR: This paper proposes a simple but practically useful model for delegation called RBDM0 (role-based delegation model zero), and explores some extensions to R BDM0 including issues of revocation, partial delegation, multiple step delegation, and delegation with hierarchical roles.
189
A rule-based framework for role based delegation
Longhua Zhang,Gail-Joon Ahn,Bei-Tseng Chu +2 more
- 01 May 2001
TL;DR: A role- based delegation model called RDM2000 (role-based delegation model 2000) is presented, which is an extension of RBDM0 by supporting hierarchical roles and multi-step delegation and a rule-based language for specifying and enforcing the policies based on RDM 2000 is introduced.
Related Papers (5)
Ezedin Barka,Ravi Sandhu +1 more
- 11 Dec 2000
Ezedin Barka,Ravi Sandhu +1 more
- 01 Jan 2000
Longhua Zhang,Gail-Joon Ahn,Bei-Tseng Chu +2 more
- 01 May 2001