Towards Session-Aware RBAC Delegation: Function Switch

  • Conference paper
Data Privacy Management and Autonomous Spontaneous Security (DPM 2012, SETOP 2012)

Abstract

This paper shows how to extend RBAC sessions with dynamic aspects to deal with user switch. Users can authenticate using their functions, which creates a dynamic session and automatically activates a set of privileges associated with that function. A dynamic session can be joined, left, restarted and reused by authorized users. Moreover, a user can switch the session to another user so that the task can continue with the working context preserved. We discuss in this paper how to manage users' privileges in the dynamic session and how to deal with the switch mechanism.



Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ghorbel-Talbi, M.B., Cuppens, F., Cuppens-Boulahia, N., Morucci, S. (2013). Towards Session-Aware RBAC Delegation: Function Switch. In: Di Pietro, R., Herranz, J., Damiani, E., State, R. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2012 2012. Lecture Notes in Computer Science, vol 7731. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35890-6_21

  • DOI: https://doi.org/10.1007/978-3-642-35890-6_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35889-0

  • Online ISBN: 978-3-642-35890-6

  • eBook Packages: Computer Science (R0)
