{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:43:22Z","timestamp":1750308202785,"version":"3.41.0"},"reference-count":21,"publisher":"Association for Computing Machinery (ACM)","issue":"1","license":[{"start":{"date-parts":[[2005,1,1]],"date-time":"2005-01-01T00:00:00Z","timestamp":1104537600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGOPS Oper. Syst. Rev."],"published-print":{"date-parts":[[2005,1]]},"abstract":"<jats:p>Although Web-based information systems (WISs) have been widely used by enterprises to accomplish business tasks through the Internet, there is little research on designing a flexible access control and delegation model for WISs. In this paper, we design a user-to-user and role-to-role delegation model (called X-RDR model) for WISs. The authorization and delegation policies are encoded in XML and the granularity of control can be as small as a text-field or button. Additionally, the proposed model supports single-step delegation, multi-step delegation, multiple delegation, partial delegation, separation of duties, and cascading revocation. A prototype was also implemented to demonstrate the feasibility of the proposed model.<\/jats:p>","DOI":"10.1145\/1044552.1044553","type":"journal-article","created":{"date-parts":[[2005,11,7]],"date-time":"2005-11-07T19:28:32Z","timestamp":1131391712000},"page":"4-21","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["X-RDR"],"prefix":"10.1145","volume":"39","author":[{"given":"Shihyu","family":"Chou","sequence":"first","affiliation":[{"name":"Chung Hsing University, Taichung, Taiwan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Eric Jui-Lin","family":"Lu","sequence":"additional","affiliation":[{"name":"Chaoyang University of Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yi-Hui","family":"Chen","sequence":"additional","affiliation":[{"name":"Chaoyang University of Technology"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2005,1]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Ronin International","author":"Ambler Scott W.","year":"2000","unstructured":"Scott W. Ambler . Mapping Objects to Relational Databases . Ronin International , 2000 . available at http:\/\/www.AmbySoft.com\/mappingObjects.pdf. Scott W. Ambler. Mapping Objects to Relational Databases. Ronin International, 2000. available at http:\/\/www.AmbySoft.com\/mappingObjects.pdf."},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.5555\/784591.784743"},{"key":"e_1_2_1_3_1","volume-title":"Proceeding of 23rd National Information Systems Security Conference","author":"Barka Ezedin","year":"2000","unstructured":"Ezedin Barka and Ravi Sandhu . A role-based delegation model and some extensions . In Proceeding of 23rd National Information Systems Security Conference , December 2000 . Ezedin Barka and Ravi Sandhu. A role-based delegation model and some extensions. In Proceeding of 23rd National Information Systems Security Conference, December 2000."},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1019289831564"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/4236.935172"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/507711.507732"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-739X(02)00153-X"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/S1389-1286(00)00053-0"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/4236.968827"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/505586.505590"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0920-5489(03)00010-2"},{"key":"e_1_2_1_13_1","first-page":"203","volume-title":"XML-based distributed access control system. In third International Conference on E-Commerce and Web Technologies (ECWeb'02)","author":"Lopez Javier","year":"2002","unstructured":"Javier Lopez , Antonio Mana , and Mariemma I. Yague . XML-based distributed access control system. In third International Conference on E-Commerce and Web Technologies (ECWeb'02) , pages 203 -- 213 , September 2002 . Javier Lopez, Antonio Mana, and Mariemma I. Yague. XML-based distributed access control system. In third International Conference on E-Commerce and Web Technologies (ECWeb'02), pages 203--213, September 2002."},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0167-739X(03)00108-0"},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/278476.282756"},{"key":"e_1_2_1_17_1","volume-title":"Special Session on Architectures and Languages for Digital Rights Management and Access Control","author":"Navarro Guillermo","year":"2003","unstructured":"Guillermo Navarro , Babak Sadighi Firozabadi , Erik Rissanen , and Joan Borrell . Constrained delegation in XML-based access control and digital rights management standards. In CNIS03 , Special Session on Architectures and Languages for Digital Rights Management and Access Control , December 2003 . Guillermo Navarro, Babak Sadighi Firozabadi, Erik Rissanen, and Joan Borrell. Constrained delegation in XML-based access control and digital rights management standards. In CNIS03, Special Session on Architectures and Languages for Digital Rights Management and Access Control, December 2003."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.485845"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/283554.283388"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.5555\/942790.942921"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/373256.373289"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/937527.937530"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/775412.775431"}],"container-title":["ACM SIGOPS Operating Systems Review"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1044552.1044553","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1044552.1044553","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T16:25:06Z","timestamp":1750263906000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1044552.1044553"}},"subtitle":["a role-based delegation processor for web-based information systems"],"short-title":[],"issued":{"date-parts":[[2005,1]]},"references-count":21,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2005,1]]}},"alternative-id":["10.1145\/1044552.1044553"],"URL":"https:\/\/doi.org\/10.1145\/1044552.1044553","relation":{},"ISSN":["0163-5980"],"issn-type":[{"type":"print","value":"0163-5980"}],"subject":[],"published":{"date-parts":[[2005,1]]},"assertion":[{"value":"2005-01-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}