|
|
计算机应用 2008
Dynamic authorization scheme based on delegation in distributed system
|
Abstract:
Concerning the authority in distributed environment for collaboration, a dynamic authorization scheme was presented based on delegation and RBAC model. The scheme supports partial role delegation, by expanding element sets of RBAC model, enlarging static authorization operations, and allowing the delegator to create temporary delegation roles and assign others (the delegatee) to the particular roles. The scheme was implemented by three-level frameworks, and the operating process about how to authorize dynamically in delegation model was described. The application shows that the scheme can adapt to distributed and dynamic environment, and follow the least privilege principle.
