A generic model for delegation in security policies

Author

Abbassi, Ryma ; El Fatmi, Sihem Guemara

Author_Institution

Higher Sch. of Commun., Univ. of Carthage, Tunis, Tunisia

fYear

2009

fDate

3-6 Nov. 2009

Firstpage

1

Lastpage

8

Abstract

Delegation is the process whereby a user can assign his authorizations to another user. This feature is necessary in today´s communication networks principally because it allows the interaction between the entities composing such networks. This paper aims to give a first step toward a framework allowing to, formally, model delegation. Hence, we propose an extension of a previously proposed model by adding delegation and specially handling most of the delegation properties which we find in the literature. For this purpose, we model a delegation request based on two types: the grant and the transfer. We also propose an adapted verification process completing the delegation process. Finally, we discuss the revocation of delegations according to three schemes.

Keywords

authorisation; telecommunication networks; telecommunication security; adapted verification process; delegation; revocation; security policies; Access control; Authorization; Collaboration; Communication networks; Communication system security; Communications technology; Electrostatic precipitators; Explosions; Permission; Productivity; delegation; delegation policy; revocation; security policy; transfer;

fLanguage

English

Publisher

ieee

Conference_Titel

Communications and Networking, 2009. ComNet 2009. First International Conference on

Conference_Location

Hammamet

Print_ISBN

978-1-4244-5134-0

Electronic_ISBN

978-1-4244-5135-7

Type

conf

DOI

10.1109/COMNET.2009.5373559

Filename

5373559