16th Annual Computer Security Applications Conference
December 11-15, 2000
New Orleans, Louisiana

Framework for Role-Based Delegation Models

Ezedin S. Barka & Ravi S. Sandhu
Geore Mason University
United States

The basic idea behind delegation is that some active entity in a system delegates authority to another active entity to carry out some functions on behalf of the former. Delegation in computer systems can take many forms: human to human, human to machine, machine to machine, and perhaps even machine to human. In this paper we focuses on the human to human form of delegation using roles. As we will see there are many different ways in which role-based human-to-human delegation can occur. We develop a framework for identifying interesting cases that can be used for building role-based delegation models. This will be accomplished by identifying the characteristics related to delegation, using these characteristics to generate possible delegation cases, and using a systematic approach to reduce the large number of cases into few useful cases which can be used to build delegation models.

Read Paper Read Paper (in PDF)