ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
X-RDR: a role-based delegation processor for web-based information systems
Full text PdfPdf (1.48 MB)
Source ACM SIGOPS Operating Systems Review archive
Volume 39 ,  Issue 1  (January 2005) table of contents
Pages: 4 - 21  
Year of Publication: 2005
ISSN:0163-5980
Authors
Shihyu Chou  Chung Hsing University, Taichung, Taiwan
Eric Jui-Lin Lu  Chaoyang University of Technology
Yi-Hui Chen  Chaoyang University of Technology
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 1,   Downloads (12 Months): 20,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1044552.1044553
What is a DOI?

ABSTRACT

Although Web-based information systems (WISs) have been widely used by enterprises to accomplish business tasks through the Internet, there is little research on designing a flexible access control and delegation model for WISs. In this paper, we design a user-to-user and role-to-role delegation model (called X-RDR model) for WISs. The authorization and delegation policies are encoded in XML and the granularity of control can be as small as a text-field or button. Additionally, the proposed model supports single-step delegation, multi-step delegation, multiple delegation, partial delegation, separation of duties, and cascading revocation. A prototype was also implemented to demonstrate the feasibility of the proposed model.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Scott W. Ambler. Mapping Objects to Relational Databases. Ronin International, 2000. available at http://www.AmbySoft.com/mappingObjects.pdf.
 
2
E. Barka , R. Sandhu, Framework for role-based delegation models, Proceedings of the 16th Annual Computer Security Applications Conference, p.168, December 11-15, 2000
 
3
Ezedin Barka and Ravi Sandhu. A role-based delegation model and some extensions. In Proceeding of 23rd National Information Systems Security Conference, December 2000.
 
4
Elisa Bertino, Barbara Carminati, and Elena Ferrari. XML security. Technical Report 2, Information Security Technical Report, 2001.
 
5
Elisa Bertino , Silvana Castano , Elena Ferrari , Marco Mesiti, Specifying and enforcing access control policies for XML document sources, World Wide Web, v.3 n.3, p.139-151, 2000  [doi>10.1023/A:1019289831564]
 
6
Elisa Bertino , Silvana Castano , Elena Ferrari, Securing XML Documents with Author-X, IEEE Internet Computing, v.5 n.3, p.21-31, May 2001  [doi>10.1109/4236.935172]
7
David W. Chadwick , Alexander Otenko, The PERMIS X.509 role based privilege management infrastructure, Proceedings of the seventh ACM symposium on Access control models and technologies, June 03-04, 2002, Monterey, California, USA  [doi>10.1145/507711.507732]
 
8
David W. Chadwick , Alexander Otenko, The PERMIS X.509 role based privilege management infrastructure, Future Generation Computer Systems, v.19 n.2, p.277-289, February 2003  [doi>10.1016/S0167-739X(02)00153-X]
 
9
Ernesto Damiani , Sabrina de Capitani di Vimercati , Stefano Paraboschi , Pierangela Samarati, Design and implementation of an access control processor for XML documents, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.33 n.1-6, p.59-75, June 2000
 
10
Ernesto Damiani , Pierangela Samarati , Sabrina De Capitani di Vimercati , Stefano Paraboschi, Controlling Access to XML Documents, IEEE Internet Computing, v.5 n.6, p.18-28, November 2001  [doi>10.1109/4236.968827]
11
Ernesto Damiani , Sabrina De Capitani di Vimercati , Stefano Paraboschi , Pierangela Samarati, A fine-grained access control system for XML documents, ACM Transactions on Information and System Security (TISSEC), v.5 n.2, p.169-202, May 2002  [doi>10.1145/505586.505590]
 
12
Javier López , Antonio Maña , Juan J. Ortega , José M. Troya , Mariemma I. Yagüe, Integrating PMI services in CORBA applications, Computer Standards & Interfaces, v.25 n.4, p.391-409, August 2003  [doi>10.1016/S0920-5489(03)00010-2]
 
13
Javier Lopez , Antonio Mana , Mariemma Inmaculada Yagüe del Valle, XML-Based Distributed Access Control System, Proceedings of the Third International Conference on E-Commerce and Web Technologies, p.203-213, September 02-06, 2002
 
14
Eric Jui-Lin Lu , Rai-Fu Chen, Design and implementation of a fine-grained menu control processor for web-based information systems, Future Generation Computer Systems, v.19 n.7, p.1105-1119, October 2003  [doi>10.1016/S0167-739X(03)00108-0]
 
15
Eric Jui-Lin Lu and Yi-Hui Chen. A flexible delegation processor for web-based information systems. Technical Report CYUT-IM-TR-2003-012, Department of Information Management, Chaoyang University of Technology, December 2003.
16
Hermann Maurer, Modern WISs, Communications of the ACM, v.41 n.7, p.114-115, July 1998  [doi>10.1145/278476.282756]
 
17
Guillermo Navarro, Babak Sadighi Firozabadi, Erik Rissanen, and Joan Borrell. Constrained delegation in XML-based access control and digital rights management standards. In CNIS03, Special Session on Architectures and Languages for Digital Rights Management and Access Control, December 2003.
 
18
Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
 
19
Kenji Takahashi , Eugene Liang, Analysis and design of Web-based information systems, Selected papers from the sixth international conference on World Wide Web, p.1167-1180, September 1997, Santa Clara, California, United States
 
20
Mariemma I. Yagüe , Antonio Maña , Javier López , José M. Troya, Applying the Semantic Web Layers to Access Control, Proceedings of the 14th International Workshop on Database and Expert Systems Applications, p.622, September 01-05, 2003
21
Longhua Zhang , Gail-Joon Ahn , Bei-Tseng Chu, A rule-based framework for role based delegation, Proceedings of the sixth ACM symposium on Access control models and technologies, p.153-162, May 2001, Chantilly, Virginia, United States  [doi>10.1145/373256.373289]
22
Longhua Zhang , Gail-Joon Ahn , Bei-Tseng Chu, A rule-based framework for role-based delegation and revocation, ACM Transactions on Information and System Security (TISSEC), v.6 n.3, p.404-441, August 2003  [doi>10.1145/937527.937530]
23
Xinwen Zhang , Sejong Oh , Ravi Sandhu, PBDM: a flexible delegation model in RBAC, Proceedings of the eighth ACM symposium on Access control models and technologies, June 02-03, 2003, Como, Italy  [doi>10.1145/775412.775431]

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.2 DATABASE MANAGEMENT
      H.2.2 Physical Design
          Subjects: Access methods

Additional Classification:
  H. Information Systems
  H.3 INFORMATION STORAGE AND RETRIEVAL
      H.3.5 On-line Information Services
          Subjects: Web-based services

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)
          Subjects: Authentication


General Terms:
Design, Performance, Security


Keywords:
WIS, XML, delegation, granular access control

Collaborative Colleagues:
Shihyu Chou: colleagues
Eric Jui-Lin Lu: colleagues
Yi-Hui Chen: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player