Role-Based Delegation Model Using Available Time

Kyoung Ja Kim; Tae Mu Chang

Role-Based Delegation Model Using Available Time

Kyoung Ja Kim

Tae Mu Chang

The KIPS Transactions:PartC, Vol. 14, No. 1, pp. 65-72, Feb. 2007

10.3745/KIPSTC.2007.14.1.65, PDF Download:

Abstract

The existing RBAC models are not sufficient for managing delegations or separation of roles. Researches have been done on RBDM(Role Based Delegation Model) that deal with delegating role or permission to other users. In this paper, we divide the delegated roles into two groups: periodic and temporary delegation roles. When a role is delegated, a time period is assigned together, which is used to revoke the permission of delegated role automatically. In our model, the role of monotonic delegation by an original user can be revoked at any time in case of malicious use by the delegated user. The contribution of our model is that the malicious use of delegated role can be prohibited and security vulnerability in the role hierarchy due to role delegations can be alleviated. The proposed model, TRBDM(Time out Based RBDM) is analyzed and compared with the conventional models, such as RBDM0, RBDM1 and PBDM. Our model shows an advantage over other models in terms of security robustness.

Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.

Cite this article

[IEEE Style]

K. J. Kim and T. M. Chang, "Role-Based Delegation Model Using Available Time," The KIPS Transactions:PartC, vol. 14, no. 1, pp. 65-72, 2007. DOI: 10.3745/KIPSTC.2007.14.1.65.

[ACM Style]

Kyoung Ja Kim and Tae Mu Chang. 2007. Role-Based Delegation Model Using Available Time. The KIPS Transactions:PartC, 14, 1, (2007), 65-72. DOI: 10.3745/KIPSTC.2007.14.1.65.