Skip to main content
SpringerLink
Log in

An Extended Role-Based Access Control Model for Delegating Obligations

  • Conference paper
Trust, Privacy and Security in Digital Business (TrustBus 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5695))

Abstract

The main aim of access control models is to provide means to simplify the management of the security policy, which is a fastidious and error-prone task. Supporting delegation is considered as an important mean to decentralize the administration and therefore to allow security policy to be more flexible and easier to manipulate. Our main contribution is the proposition of a unified model to the administration and delegation of obligations. Managing such delegations implies more requirements than managing traditional privileges delegation. In fact, delegating obligations may include two interpretations: the delegation of the obligation and the delegation of the responsibility related to this obligation. Therefore, it is important to deal with these two notions separately. Moreover, since delegating an obligation involves the delegation of sanctions, then the consent of the user who receives this delegation may be required in some cases. We address in this paper these requirements and we propose a formalism to deal with them.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ben-Ghorbel, M., Cuppens, F., Cuppens-Boulahia, N., Bouhoula, A.: Managing Delegation in Access Control Models. In: ADCOM (2007)

    Google Scholar 

  2. Ben-Ghorbel-Talbi, M., Cuppens, F., Cuppens-Boulahia, N., Bouhoula, A.: Revocation schemes for delegation licences. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 190–205. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  3. Bettini, C., Jajodia, S., Wang, X., Wijesekera, D.: Obligation Monitoring in Policy Management. In: POLICY (2002)

    Google Scholar 

  4. Cuppens, F., Cuppens-Boulahia, N., Sans, T.: Nomad: a Security Model with Non Atomic Actions and Deadlines. In: CSFW (2005)

    Google Scholar 

  5. Gama, P., Ferreira, P.: Obligation Policies: An Enforcement Platform. In: POLICY (2005)

    Google Scholar 

  6. Park, J., Sandhu, R.: The UCON ABC Usage Control Model. TISSEC 7(1) (2004)

    Google Scholar 

  7. Pretschner, A., Hilty, M., Basin, D.: Distributed Usage Control. Communications of the ACM (2006)

    Google Scholar 

  8. Cole, J., Derrick, J., Milosevic, Z., Raymond, K.: Author obliged to submit paper before 4 july: Policies in an enterprise specification. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol. 1995, p. 1. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  9. Pacheco, O., Santos, F.: Delegation in a role-based organization. In: Lomuscio, A., Nute, D. (eds.) DEON 2004. LNCS, vol. 3065, pp. 209–227. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  10. Schaad, A., Moffett, J.D.: Delegation of Obligations. In: POLICY (2002)

    Google Scholar 

  11. Abou-El-Kalam, A., Benferhat, S., Miège, A., Baida, R.E., Cuppens, F., Saurel, C., Balbiani, P., Deswarte, Y., Trouessin, G.: Organization Based Access Control. In: POLICY (2003)

    Google Scholar 

  12. Cuppens, F., Cuppens, N.: Modeling Contextual Security Policies. IJIS 7 (2008)

    Google Scholar 

  13. Cuppens, F., Miège, A.: Administration Model for Or-BAC. CSSE 19(3) (2004)

    Google Scholar 

  14. Cuppens, F., Cuppens-Boulahia, N., Coma, C.: Multi-Granular Licences to Decentralize Security Administration. In: SSS/WRAS (2007)

    Google Scholar 

  15. Kagal, L., Finin, T.: Modeling Conversation Policies using Permissions and Obligations. JAAMAS 14(2) (2007)

    Google Scholar 

  16. Cuppens, F., Cuppens-Boulahia, N., Ben-Ghorbel, M.: High Level Conflict Management Strategies in Advanced Access Control Models. ENTCS 186 (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institut TELECOM/Telecom Bretagne, 2 rue de la Châtaigneraie, 35576, Cesson Sévigné Cedex, France

    Meriam Ben-Ghorbel-Talbi, Frédéric Cuppens & Nora Cuppens-Boulahia

  2. SUP’COM Tunis, Route de Raoued Km 3.5, 2083, Ariana, Tunisie

    Meriam Ben-Ghorbel-Talbi & Adel Bouhoula

Authors
  1. Meriam Ben-Ghorbel-Talbi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Frédéric Cuppens
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nora Cuppens-Boulahia
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Adel Bouhoula
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Karlstad University, Universitetsgatan 2, 651 88, Karlstad, Sweden

    Simone Fischer-Hübner

  2. Laboratory of Information and Communication Systems Security, Department of Information and Communication Systems Engineering, University of the Aegean, 83200, Karlovassi, Samos, Greece

    Costas Lambrinoudakis

  3. Department of Management Information Systems, University of Regensburg, Universitätsstraße 31, 93053, Regensburg, Germany

    Günther Pernul

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ben-Ghorbel-Talbi, M., Cuppens, F., Cuppens-Boulahia, N., Bouhoula, A. (2009). An Extended Role-Based Access Control Model for Delegating Obligations. In: Fischer-Hübner, S., Lambrinoudakis, C., Pernul, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2009. Lecture Notes in Computer Science, vol 5695. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03748-1_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-03748-1_13

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-03747-4

  • Online ISBN: 978-3-642-03748-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation