
A Usage Constrained Role-Based Delegation Model

Posted on: 2007-03-01
Degree: Master
Type: Thesis
Country: China
Candidate: X Zou
Full Text: PDF
GTID: 2178360182998094
Subject: Computer application technology
Abstract/Summary:
Compared with the traditional DAC and MAC models, the Role-Based Access Control (RBAC) model provides better flexibility and scalability, and it is nowadays the best and most popular access control model. In current role-based systems, security officers handle the assignment of users to roles. However, depending entirely on this functionality may increase management effort in a large-scale, highly distributed environment because of the continuous involvement of security officers. The emerging technology of role-based delegation provides a means of implementing RBAC in a fully distributed environment by empowering individual users. Currently, there are some models that extend the RBAC model to support role delegation. However, their support for constraints on the usage of delegated roles is very limited. First, the characteristics of the three forms of role-based delegation models are analyzed and compared systematically in this thesis using the criteria of delegation granularity, delegation depth, delegation policy and revocation; the differences, advantages, disadvantages and deficiencies in the delegated-role constraints of the different models are elucidated as well. Then, we discuss the characteristics of the role-based delegation model, analyze the possible delegation cases using the human-to-human form of delegation, and conclude that delegation is temporary and that temporary constraints on role-based delegation are required. Meanwhile, we extend the RBDM0 model proposed by E. Barka and propose UCRBDM, which implements time and frequency constraints using role delegation tickets. In addition, we define the execution model of UCRBDM and prove the uniqueness of the execution model when the role delegation ticket set and the user role request sequence are given; the correctness and feasibility of the model are also proved through an execution model example.
Finally, we discuss the management of the role delegation ticket set, such as adding and deleting role delegation tickets in the set. We define the add/delete function and prove that only one role delegation ticket is applied to a role request in the execution model.
Keywords/Search Tags:Role, Constrained, Ticket Set, Formal, Role-Based Access Control, Role-Based Delegation Model