Reasoning about dynamic delegation in role based access control systems

Chun Ruan, Vijay Varadharajan

    Research output: Chapter in Book / Conference PaperConference Paperpeer-review

    1 Citation (Scopus)

    Abstract

    ![CDATA[This paper proposes a logic based framework that supports dynamic delegation for role based access control systems in a decentralised environment. It allows delegation of administrative privileges for both roles and access rights between roles. We have introduced the notion of trust in delegation and have shown how extended logic programs can be used to express and reason about roles and their delegations with trust degrees, roles' privileges and their propagations, delegation depth as well as conflict resolution. Furthermore, our framework is able to enforce various role constraints such as separation of duties, role composition and cardinality constraints. The proposed framework is flexible and provides a sound basis for specifying and evaluating sophisticated role based access control policies in decentralised environments.]]
    Original languageEnglish
    Title of host publicationProceedings of the 16th International Conference on Database Systems for Advanced Applications (DASFAA 2011): Hong Kong, China, 22-25 April 2011
    PublisherSpringer
    Pages239-253
    Number of pages15
    ISBN (Print)9783642201486
    DOIs
    Publication statusPublished - 2011
    EventDASFAA (Conference : Database systems) -
    Duration: 22 Apr 2011 → …

    Publication series

    Name
    ISSN (Print)0302-9743

    Conference

    ConferenceDASFAA (Conference : Database systems)
    Period22/04/11 → …

    Fingerprint

    Dive into the research topics of 'Reasoning about dynamic delegation in role based access control systems'. Together they form a unique fingerprint.

    Cite this