|
| | | |
Commitment Issues in Delegation Process
Pham, Q., Reid, J., McCullagh, A. and Dawson, E.
Delegation is a powerful mechanism to provide flexible
and dynamic access control decisions. Delegation is
particularly useful in federated environments where
multiple systems, with their own security autonomy, are
connected under one common federation. Although many
delegation schemes have been studied, current models do
not seriously take into account the issue of delegation
commitment of the involved parties. In order to address
this issue, this paper introduces a new mechanism to help
parties involved in the delegation process to express
commitment constraints, perform the commitments and
track the committed actions. This mechanism looks at two
different aspects: pre-delegation commitment and postdelegation
commitment. In pre-delegation commitment,
this mechanism enables the involved parties to express the
delegation constraints and address those constraints. The
post-delegation commitment phase enables those parties
to inform the delegator and service providers how the
commitments are conducted. This mechanism utilises a
modified SAML assertion structure to support the
proposed delegation and constraint approach. |
Cite as: Pham, Q., Reid, J., McCullagh, A. and Dawson, E. (2008). Commitment Issues in Delegation Process. In Proc. Sixth Australasian Information Security Conference (AISC 2008), Wollongong, NSW, Australia. CRPIT, 81. Brankovic, L. and Miller, M., Eds. ACS. 27-38. |
(from crpit.com)
(local if available)
|
|