Commitment issues in delegation process


Autoria(s): Pham, Quan; Reid, Jason F.; McCullagh, Adrian; Dawson, Edward
Data(s)

2008

Resumo

Delegation is a powerful mechanism to provide flexible and dynamic access control decisions. Delegation is particularly useful in federated environments where multiple systems, with their own security autonomy, are connected under one common federation. Although many delegation schemes have been studied, current models do not seriously take into account the issue of delegation commitment of the involved parties. In order to address this issue, this paper introduces a new mechanism to help parties involved in the delegation process to express commitment constraints, perform the commitments and track the committed actions. This mechanism looks at two different aspects: pre-delegation commitment and post-delegation commitment. In pre-delegation commitment, this mechanism enables the involved parties to express the delegation constraints and address those constraints. The post-delegation commitment phase enables those parties to inform the delegator and service providers how the commitments are conducted. This mechanism utilises a modified SAML assertion structure to support the proposed delegation and constraint approach.

Formato

application/pdf

Identificador

http://eprints.qut.edu.au/39773/

Publicador

Australian Computer Society Inc.

Relação

http://eprints.qut.edu.au/39773/2/39773.pdf

http://crpit.com/confpapers/CRPITV81Pham.pdf

Pham, Quan, Reid, Jason F., McCullagh, Adrian, & Dawson, Edward (2008) Commitment issues in delegation process. In Proceedings of the 6th Australasian Conference on Information Security, Australian Computer Society Inc., Wollongong, N.S.W.

Direitos

Copyright 2008 please consult the authors

Fonte

Faculty of Science and Technology; Information Security Institute

Palavras-Chave #080303 Computer System Security #Delegation #Commitment #SAML #Access Control #Federated Systems
Tipo

Conference Paper