摘要
Although Web-based information systems (WISs) have been widely used by enterprises to accomplish business tasks through the Internet, there is little research on designing a flexible access control and delegation model for WISs. In this paper, we design a user-to-user and role-to-role delegation model (called X-RDR model) for WISs. The authorization and delegation policies are encoded in XML and the granularity of control can be as small as a text-field or button. Additionally, the proposed model supports single-step delegation, multi-step delegation, multiple delegation, partial delegation, separation of duties, and cascading revocation. A prototype was also implemented to demonstrate the feasibility of the proposed model.
| 原文 | 英語 |
|---|---|
| 頁(從 - 到) | 4-21 |
| 頁數 | 18 |
| 期刊 | Operating Systems Review (ACM) |
| 卷 | 39 |
| 發行號 | 1 |
| DOIs | |
| 出版狀態 | 已出版 - 2005 |
| 對外發佈 | 是 |