Revocation Schemes for Delegation Licences

  • Meriam Ben-Ghorbel-Talbi
  • Frédéric Cuppens
  • Nora Cuppens-Boulahia
  • Adel Bouhoula
Conference paper

DOI: 10.1007/978-3-540-88625-9_13

Part of the Lecture Notes in Computer Science book series (LNCS, volume 5308)
Cite this paper as:
Ben-Ghorbel-Talbi M., Cuppens F., Cuppens-Boulahia N., Bouhoula A. (2008) Revocation Schemes for Delegation Licences. In: Chen L., Ryan M.D., Wang G. (eds) Information and Communications Security. ICICS 2008. Lecture Notes in Computer Science, vol 5308. Springer, Berlin, Heidelberg

Abstract

The paper presents revocation schemes in role-based access control models. We are particularly interested in two key issues: how to perform revocation and how to manage the revocation policy. We show how to deal with these two aspects in the delegation model based on the OrBAC formalism and its administration licence concept. This model provides means to manage several delegation types, such as the delegation or transfer of permissions and roles, multi-step delegation and temporary delegation. We state formally in this paper how to manage the revocation of these delegation schemes. Our model supports a wide spectrum of revocation dimensions such as propagation, dominance, dependency, automatic/user revocation, transfer revocation and role/permission revocation.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Meriam Ben-Ghorbel-Talbi
    • 1
    • 2
  • Frédéric Cuppens
    • 1
  • Nora Cuppens-Boulahia
    • 1
  • Adel Bouhoula
    • 2
  1. 1.Institut TELECOM/TELECOM BretagneCesson Sévigné CedexFrance
  2. 2.SUP’COM TunisArianaTunisie

Personalised recommendations