|
Abstract : |
www.List.gmu.edu In Role-based Access control (RBAC) permissions are associated with roles and users are made members of roles thereby acquiring the associated permissions. User delegation in RBAC is the ability of one user (called the delegating user) who is a member of the delegated role to authorize another user (called the delegate user) to become a member of the delegated role. This paper proposes a simple but practically useful model for delegation called RBDM0 (role-based delegation model zero). The paper also explores some extensions to RBDM0 including issues of revocation, partial delegation, multiple step delegation, and delegation with hierarchical roles. 1, |
