Title :
Data and access management using access tokens for delegating authority to persons and software
Author_Institution :
Yahoo! JAPAN Research, 9-7-1 Akasaka, Minato-ku, Tokyo 107-6211, Japan
Abstract :
Delegation of authority is an act whereby an entity delegates his or her rights to use personal information to another entity. It has most often been implemented in enterprise environments, but previous studies have focused little on the dynamic data and access management model or the design from a practical viewpoint. A data and access management model for the delegation of authority is proposed. In the proposed model, an access token that is an opaque string associated with authorized permission is issued and exchanged among users and entities across security domains. The framework enables fine-grained access control and permission assignment for delegated access by persons and software agents.
Keywords :
Authentication; Authorization; Data models; Mediation; Pensions; Planning; Access management; Access token; Delegation; Identity federation;
Conference_Titel :
Security and Cryptography (SECRYPT), 2011 Proceedings of the International Conference on
Conference_Location :
Seville, Spain
