Toward Practical Authorization-dependent User Obligation Systems
Many authorization system models include some notion of obligation. Little attention has been given to user obliga tions that depend on and affect authorizations. However, to be usable, the system must ensure users have the authoriza tions they need when their obligations must be performed. Prior work in this area introduced accountability properties that ensure failure to fulfill obligations is not due to lack of required authorizations. That work presented inconclusive and purely theoretical results concerning the feasibility of maintaining accountability in practice. The results of the current paper include algorithms and performance analysis that support the thesis that maintaining accountability in a reference monitor is reasonable in many applications.
Obligations RBAC Policy Authorization Systems Account-ability
Murillo Pontual Omar Chowdhury William H. Winsborough Ting Yu Keith Irwin
The University of Texas at San Antonio North Carolina State University Winston-Salem State University
国际会议
北京
英文
180-191
2010-04-13(万方平台首次上网日期,不代表论文的发表时间)