Wang, Hua and Sun, Lili and Zhang, Yanchun and Cao, Jinli (2005) Authorization algorithms for the mobility of user-role relationship. In: ACSC 2005: 28th Australasian Computer Science Conference, 28 Jan-3 Feb 2005, Newcastle, Australia.
PDF (Published Version)
The mobility of user-role relationship is a new feature relative to their counterparts in user-role assignments. When an administrative role assigns a role to a user with a mobile membership, this allows the user to use the permissions of the role and to be further added other roles by administrators. Immobile membership grants the user the authority to use the permissions, but does not make the user eligible for further role assignment. Two types of problems may arise in user-role assignment with the mobility of user-role relationship. One is related to authorization granting process. When a role is granted to a user, this role may be in conflict with other roles of the user or together with this role; the user may have or derive a high level of authority. Another is related to authorization revocation. When a role is revoked from a user, the user may still have the role from other roles.
In this paper, we discuss granting and revocation models related to mobile and immobile memberships between users and roles, then provide proposed authorization granting, weak revocation and strong revocation algorithms that are based on relational algebra and operations. We also describe how to use the new algorithms with an anonymity scalable payment scheme. Finally, comparisons with other related work are made.
Statistics for this ePrint Item
|Item Type:||Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)|
|Item Status:||Live Archive|
|Additional Information (displayed to public):||This paper appeared at 28th Australasian Computer Science Conference The University of Newcastle, Australia. Conferences in research and practice in information technology Vol. 38 V, Estivill-Castro, Ed. Reproduction for academic, non-for-profit purposes permitted provided this text is included.|
|Depositing User:||epEditor USQ|
|Faculty / Department / School:||Historic - Faculty of Sciences - Department of Maths and Computing|
|Date Deposited:||24 Feb 2010 11:31|
|Last Modified:||02 Jul 2013 22:34|
|Uncontrolled Keywords:||authorization; mobility; RBAC; user-role relationship|
|Fields of Research (FoR):||08 Information and Computing Sciences > 0802 Computation Theory and Mathematics > 080201 Analysis of Algorithms and Complexity
08 Information and Computing Sciences > 0806 Information Systems > 080608 Information Systems Development Methodologies
08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security
|Socio-Economic Objective (SEO):||E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences|
Actions (login required)
|Archive Repository Staff Only|