Using XML to implement Attribute-Based Delegation

Author

Yunqing Fu ; Chunxiao Ye ; Ning Li ; Juan Lei

Author_Institution

College of Computer Science, Chongqing University, 400044, China

fYear

2006

fDate

6-9 Nov. 2006

Firstpage

1

Lastpage

5

Abstract

In existing information systems, a delegation means a user who can assign his/her permissions to someone. In these information systems, however, the delegation security depends entirely on delegations and system administrators, for delegation constraint in delegation is only a prerequisite role. This paper proposes an Attribute-Based Delegation Model (ABDM) with an extended delegation condition consisting of both delegation attribute expression (DAE) and delegation prerequisite role (CR). In ABDM, a delegator can restrict the delegatee candidates more strictly, thus relieves delegator and system administrator of security management workload in delegation. To implement ABDM in a web or distributed environment, XML is employed to represent all kinds of data used in delegation, such as user, permission, role, delegation attribute expression, prerequisite role and other delegation constraints. An implementation architecture of ABDM is also given in this paper.

Keywords

XML; attribute; delegation;

fLanguage

English

Publisher

iet

Conference_Titel

Wireless, Mobile and Multimedia Networks, 2006 IET International Conference on

Conference_Location

hangzhou, China

ISSN

0537-9989

Print_ISBN

0-86341-644-6

Type

conf

Filename

5195724