Commitment issues in delegation process
Data(s) |
2008
|
---|---|
Resumo |
Delegation is a powerful mechanism to provide flexible and dynamic access control decisions. Delegation is particularly useful in federated environments where multiple systems, with their own security autonomy, are connected under one common federation. Although many delegation schemes have been studied, current models do not seriously take into account the issue of delegation commitment of the involved parties. In order to address this issue, this paper introduces a new mechanism to help parties involved in the delegation process to express commitment constraints, perform the commitments and track the committed actions. This mechanism looks at two different aspects: pre-delegation commitment and post-delegation commitment. In pre-delegation commitment, this mechanism enables the involved parties to express the delegation constraints and address those constraints. The post-delegation commitment phase enables those parties to inform the delegator and service providers how the commitments are conducted. This mechanism utilises a modified SAML assertion structure to support the proposed delegation and constraint approach. |
Formato |
application/pdf |
Identificador | |
Publicador |
Australian Computer Society Inc. |
Relação |
http://eprints.qut.edu.au/39773/2/39773.pdf http://crpit.com/confpapers/CRPITV81Pham.pdf Pham, Quan, Reid, Jason F., McCullagh, Adrian, & Dawson, Edward (2008) Commitment issues in delegation process. In Proceedings of the 6th Australasian Conference on Information Security, Australian Computer Society Inc., Wollongong, N.S.W. |
Direitos |
Copyright 2008 please consult the authors |
Fonte |
Faculty of Science and Technology; Information Security Institute |
Palavras-Chave | #080303 Computer System Security #Delegation #Commitment #SAML #Access Control #Federated Systems |
Tipo |
Conference Paper |