Delegatable authorization program and its application

Chun Ruan*, Vijay Varadharajan, Yan Zhang

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

1 Citation (Scopus)

Abstract

Data protection is a significant issue in any secure information system. In this paper, we develop a decentralized authorization delegation model in which users can be delegated, granted or forbidden some access rights. This security model is formulated as an extended logic program which allows both negation as failure and classical negation. The stable model semantics is used to decide the users' access rights on data items. Under the proposed framework, conflicting problem is addressed and a promising resolution method is presented based on the underlying delegation relations and hierarchical structures of subjects, objects and access rights. The authorization inheritance are also supported in our model. Finally, as an application, we show how this framework can support different electronic consent models within the context of health care.

Original languageEnglish
Title of host publicationProceedings of the International Conference on Security and Management, SAM 2003
EditorsH.R. Arabnia, Y. Mun
Place of PublicationBerlin Heidelberg
Pages267-273
Number of pages7
Volume1
Publication statusPublished - 2003
Externally publishedYes
EventProceedings of the International Conference on Security and Management, SAM 2003 - Las vegas, NV, United States
Duration: 23 Jun 200426 Jun 2004

Other

OtherProceedings of the International Conference on Security and Management, SAM 2003
Country/TerritoryUnited States
CityLas vegas, NV
Period23/06/0426/06/04

Keywords

  • Access control
  • Authorization
  • Information security
  • Logic programming

Fingerprint

Dive into the research topics of 'Delegatable authorization program and its application'. Together they form a unique fingerprint.

Cite this