Abstract
The rapid increase in the circulation of data over the web has highlighted the need for distributed storage of Internet-accessible information. Thus, access control mechanisms should also be distributed in order to protect that information effectively. A recent idea in access control theory is the delegation and revocation of rights, i.e. the passing over of one client's rights to another and vice versa. Here, we propose an XML-based distributed delegation module which can be integrated into a distributed role-based access control mechanism protecting networks. The idea of X.509v3 certificates is used for the transfer of authorization information referring to a client. The modules are XML-based and all of the associated data structures are expressed through Document Type Definitions (DTDs).
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
Cite this paper
Stoupa, K., Vakali, A., Li, F., Tsoukalas, I. (2004). XML-Based Revocation and Delegation in a Distributed Environment. In: Lindner, W., Mesiti, M., Türker, C., Tzitzikas, Y., Vakali, A.I. (eds) Current Trends in Database Technology - EDBT 2004 Workshops. EDBT 2004. Lecture Notes in Computer Science, vol 3268. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30192-9_29
DOI: https://doi.org/10.1007/978-3-540-30192-9_29
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23305-3
Online ISBN: 978-3-540-30192-9
eBook Packages: Computer Science, Computer Science (R0)