The Community for Technology Leaders
Green Image
Issue No. 10 - October (2011 vol. 23)
ISSN: 1041-4347
pp: 1569-1582
He Wang , The University of Western Ontario, London
Sylvia L. Osborn , The University of Western Ontario, London
ABSTRACT
Delegation in access control is used to deal with exceptional circumstances, when a regular user is unable to perform their normal job and delegates all or part of it to others. These situations can be anticipated and built into the security design as static delegation; however, unforseen circumstances can still occur requiring dynamic delegation to be specified at runtime. This paper presents both static and dynamic delegation in the context of the Role Graph Model. To properly capture runtime events, we add sessions to the RGM. We then introduce session-oriented, dynamic delegation, a new concept in RBAC models, using an edge-labeling method. Constraints applicable to both static and dynamic delegation are examined.
INDEX TERMS
Access controls, security, integrity, and protection.
CITATION
He Wang, Sylvia L. Osborn, "Static and Dynamic Delegation in the Role Graph Model", IEEE Transactions on Knowledge & Data Engineering, vol. 23, no. , pp. 1569-1582, October 2011, doi:10.1109/TKDE.2010.205
98 ms
(Ver )