• DocumentCode
    1961214
  • Title

    An Extended Permission-Based Delegation Authorization Model

  • Author

    Zhang, Zhikun ; Xiao, Jianguo ; Li, Hanyi ; Geng, Youping

  • Author_Institution
    Comput. Center, Peking Univ., Beijing
  • Volume
    3
  • fYear
    2008
  • fDate
    12-14 Dec. 2008
  • Firstpage
    696
  • Lastpage
    699
  • Abstract
    The characteristics of delegation are analyzed and defined in this paper, including time, totality, level, multi-delegation, agreement and revocation. Based on RBAC, an extended role and permission-based delegation model is redefined by separating delegate roles from original roles. Security administrators (SAs) and ordinary users have different functions and duties in the authorization and delegation. SAs only participate in the original authorization work, but ordinary users can engage in role assignment more actively. They can reassign permissions to roles. As a result the extended role and permission-based delegation model hold more flexibility in the complex application environment. The temporal constraints of delegation also imply the complexity of delegation revocation.
  • Keywords
    authorisation; extended permission-based delegation authorization model; role assignment; role-based access control; security administrators; Access control; Authorization; Business; Computer science; Government; Hospitals; Large-scale systems; Permission; Software engineering; Time factors; authorization; delegation; permission-based;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Science and Software Engineering, 2008 International Conference on
  • Conference_Location
    Wuhan, Hubei
  • Print_ISBN
    978-0-7695-3336-0
  • Type

    conf

  • DOI
    10.1109/CSSE.2008.983
  • Filename
    4722438
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1961214