http://dx.doi.org/10.3745/KIPSTC.2007.14-C.1.065

Role-Based Delegation Model Using Available Time  

Kim, Kyoung-Ja (Department of Computer Engineering, Sejong University)
Chang, Tae-Mu (Department of Computer Engineering, Dongguk University)
Abstract
The existing RBAC models are not sufficient for managing delegations or separation of roles. Research has been done on RBDM (Role-Based Delegation Model), which deals with delegating roles or permissions to other users. In this paper, we divide delegated roles into two groups: periodic and temporary delegation roles. When a role is delegated, a time period is assigned with it, and this period is used to revoke the permissions of the delegated role automatically. In our model, a role under monotonic delegation by an original user can be revoked at any time in case of malicious use by the delegated user. The contribution of our model is that malicious use of a delegated role can be prohibited and security vulnerabilities in the role hierarchy due to role delegations can be alleviated. The proposed model, T-RBDM (Time-out Based RBDM), is analyzed and compared with conventional models such as RBDM0, RBDM1 and PBDM. Our model shows an advantage over the other models in terms of security robustness.
Keywords
Role Based Access Control (RBAC); Delegation Model