Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2003.10C.3.265

A Study on The Delegation of Role in Role Based Access Control  

Lee, Hee-Kyu (한남대학교 대학원 컴퓨터공학과)
Lee, Jea-Kwang (한남대학교 컴퓨터공학과)
Publication Information
The KIPS Transactions:PartC / v.10C, no.3, 2003 , pp. 265-272 More about this Journal
Abstract
RBAC is an Access Control Mechanism for security administration of system resource and technique attracting in commercial fields because of reducing cost and complexity of security administration in large network. Many RBAC's research is progressive but several problems such as the delegation of role have been pointed out concerning the mechanism. It is necessary that a person's role delegate someone with reliability by reasons of a leave of absence, sick leave and the others. But the existing RBAC standards don't give definition of the delegation of roles. In this paper, we propose RBAC model that delegator can delegate subset of role and permission to a delegatee so that more efficient access control may be available.
Keywords
RBAC; Access Control; Role Delegation; Delegation;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 The Economic Impact of Role Based Access Control, Research Triangle Institute, NIST Planning Report02-01, 2002
2 John F. Barkley, Anthony V. Cincotta, David F. Ferraiolo, Serban Gavrilla and D. Richard Kuhn, 'Role Based Access Control for the World Wide Web,' 20th National Computer Security Conference, April, 1997
3 DAVID F. FERRAIOLO, RAVI SANDHU and SERBAN GAVRILA, 'Proposed NIST Standard for Role-Based Access Control,' ACM Transactions on Information and System Security, Vol.4, No.3, pp.224-274, August, 2001   DOI
4 Gavrila, S, Barkley, J, 'Formal specification for RBAC user/role and role relationship management,' In Proceedings of the Third ACM Workshop on Role Based Access Control, pp.81-90, 1998   DOI
5 CHANDRAMOULI, R. and SANDHU, R., 'Role-based access control features in commercial databasse management systems,' In Proceedings of the NIST-NSA National(USA) Computer Security Conference, 1998
6 박석, 심재훈, '역할기반 접근제어에 기초한 사용자 수준의 위임기법,' 정보보호학회논문지, 제10권 제3호, 2000   과학기술학회마을
7 노봉남, 최은복, '분산시스템에서 Z언어를 이용한 역할기반 접근제어 메커니즘', 정보처리학회논문지, 제8권 제2호., 2001   과학기술학회마을
8 FERRAIOLO, D and KUHN, R., 'Role-based access control,' Proceedings of the NIST-NSA National(USA) Computer Security Conference, 1992
9 Ferraiolo, D. and Kuhn, R., 'Role-based access control,' Proceedings of the NIST-NSA National(USA) Computer Security Conference, 1992
10 Longhua Zhang, Gail-Joon Ahn and Bei-Tseng Chu, 'A Rule Based Framework for Role-Based Delegation,' ACM Transactions on Information and System Security, 2001   DOI
11 Barkley John F. and Anthony V. Cincotta, 'Managing Role/Permission Relationships Using Object Access Types,' ACM, 1998   DOI
12 BREWER, D. and NASH, M., 'The Chinese wall security policy,' In Proceedings of the Symposium on Security and Privacy, IEEE Press, Los Alamitos, Calif., 1989   DOI
13 Jonathan D. Moffett, 'Control Principles and Role Hierarchies,' 3rd ACM Workshop on Role-Based Access Fairfax VA, 1998   DOI
14 김동규 외 3인, '역학기반 접근 오제에서 역할 계층에 따른 접근권한 상속의 표현', 정보처리학회논문지, 제7권, 제7호, 2000   과학기술학회마을