Abstract
Delegation, from a technical point of view, is widely considered as a potential approach in addressing the problem of providing dynamic access control decisions in activities with a high level of collaboration, either within a single security domain or across multiple security domains. Although delegation continues to attract significant attention from the research community, presently, there is no published work that presents a taxonomy of delegation concepts and models. This paper intends to address this gap.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Atluri, V., Warner, J.: Supporting conditional delegation in secure workflow management systems. In: Proceedings of the 10th ACM symposium on Access control models and technologies (SACMAT 2005), Stockholm, Sweden, pp. 49–58 (2005)
Barka, E., Sandhu, R.: Role-Based Delegation Model - Hierarchical Roles (RBDM1). In: Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC 2004), pp. 396–404 (2004)
Botha, R.A., Eloff, J.H.P.: A framework for access control in workflow systems. Information Management & Computer Security 9(3), 126–133 (2001)
Chadwick, D.W., Otenko, A.: The PERMIS X.509 Role Based Privilege Management Infrastructure. In: Proceedings of the 7th ACM symposium on Access control models and technologies, Monterey, California, USA, pp. 135–140 (2002)
Chadwick, D.W., Otenko, S., Nguyen, T.A.: Adding support to XACML for dynamic delegation of authority in multiple domains. In: Leitold, H., Markatos, E.P. (eds.) CMS 2006. LNCS, vol. 4237, pp. 67–86. Springer, Heidelberg (2006)
Crampton, J., Khambhammettu, H.: Delegation in role-based access control. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 174–191. Springer, Heidelberg (2006)
Crispo, B.: Delegation of responsibility. In: Christianson, B., Crispo, B., Harbison, W.S., Roe, M. (eds.) Security Protocols 1998. LNCS, vol. 1550, p. 626. Springer, Heidelberg (1999)
Gomi, H., Hatakeyama, M., Hosono, S., Fujita, S.: A delegation framework for federated identity management. In: Proceedings of the ACM Workshop on Digital Identity Management, pp. 94–103 (2005)
Lorch, M., Adams, D., Kafura, D., Koneni, M., Rathi, A., Shah, S.: The PRIMA System for Privilege Management, Authorization and Enforcement in Grid Environments. In: Proceedings of the 4th International Workshop on Grid Computing - Grid 2003, Phoenix, AR, USA (2003)
Pham, Q., McCullagh, A., Dawson, E.: Consistency of user attribute in federated systems. In: Lambrinoudakis, C., Pernul, G., Tjoa, A.M. (eds.) TrustBus. LNCS, vol. 4657, pp. 165–177. Springer, Heidelberg (2007)
Schaad, A.: A Framework for Organisational Control Principles. PhD Thesis, The University of York, York, England (2003)
Varadharajan, V.: Authentication in mobile distributed environment. In: Proceedings of the 7th IEE European Conference on Mobile and Personal Communications, pp. 173–188 (1993)
Varadharajan, V., Allen, P., Black, S.: An analysis of the proxy problem in distributed systems. In: Proceedings of the 1991 IEEE Symposium on Research in Security and Privacy, Oakland, CA, USA, pp. 255–275 (1991)
Zhang, L., Ahn, G.L., Chu, B.T.: A rule-based framework for role based delegation. In: Proceedings of the 6th ACM symposium on Access control models and technologies, Chantilly, VA, USA, pp. 153–162 (2001)
Zhang, X., Oh, S., Sandhu, R.: PBDM: a flexible delegation model in RBAC. In: Proceedings of the 8th ACM symposium on Access control models and technologies, Como, Italy, pp. 149–157 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Pham, Q., Reid, J., McCullagh, A., Dawson, E. (2009). On a Taxonomy of Delegation. In: Gritzalis, D., Lopez, J. (eds) Emerging Challenges for Security, Privacy and Trust. SEC 2009. IFIP Advances in Information and Communication Technology, vol 297. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01244-0_31
Download citation
DOI: https://doi.org/10.1007/978-3-642-01244-0_31
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01243-3
Online ISBN: 978-3-642-01244-0
eBook Packages: Computer ScienceComputer Science (R0)