义务的委托

Proceedings Third International Workshop on Policies for Distributed Systems and Networks Pub Date : 2002-06-05 DOI:10.1109/POLICY.2002.1011290

A. Schaad, J. Moffett

{"title":"义务的委托","authors":"A. Schaad, J. Moffett","doi":"10.1109/POLICY.2002.1011290","DOIUrl":null,"url":null,"abstract":"Obligation policies are one main means of exercising control within an organisation. They specify the actions that some subject has to perform. The authority over these actions needs to be specified in authorisation policies. Current policy notations provide us with the needed structure to represent authorisations and obligations as policy objects for distributed systems management. They support the delegation of authorisations but not of obligations, yet there is a strong relationship between the two policy types, and the delegation of obligations needs to be supported as well, requiring the introduction of a new type of policy which we call a \"review\". This paper investigates the general principles underlying the delegation of policy objects, putting specific emphasis on the delegation of obligations. The Alloy specification language is used to specify and illustrate these principles. The main issues that are discussed are: the balance between authorisation and obligation policies; the source of obligations and reasons for their delegation; and the need for review policies to help control the delegation of obligations.","PeriodicalId":370124,"journal":{"name":"Proceedings Third International Workshop on Policies for Distributed Systems and Networks","volume":"72 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2002-06-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"43","resultStr":"{\"title\":\"Delegation of obligations\",\"authors\":\"A. Schaad, J. Moffett\",\"doi\":\"10.1109/POLICY.2002.1011290\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Obligation policies are one main means of exercising control within an organisation. They specify the actions that some subject has to perform. The authority over these actions needs to be specified in authorisation policies. Current policy notations provide us with the needed structure to represent authorisations and obligations as policy objects for distributed systems management. They support the delegation of authorisations but not of obligations, yet there is a strong relationship between the two policy types, and the delegation of obligations needs to be supported as well, requiring the introduction of a new type of policy which we call a \\\"review\\\". This paper investigates the general principles underlying the delegation of policy objects, putting specific emphasis on the delegation of obligations. The Alloy specification language is used to specify and illustrate these principles. The main issues that are discussed are: the balance between authorisation and obligation policies; the source of obligations and reasons for their delegation; and the need for review policies to help control the delegation of obligations.\",\"PeriodicalId\":370124,\"journal\":{\"name\":\"Proceedings Third International Workshop on Policies for Distributed Systems and Networks\",\"volume\":\"72 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2002-06-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"43\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings Third International Workshop on Policies for Distributed Systems and Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/POLICY.2002.1011290\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings Third International Workshop on Policies for Distributed Systems and Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/POLICY.2002.1011290","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 43

摘要

义务政策是在组织内部实施控制的一种主要手段。它们指定了某些主体必须执行的动作。这些操作的权限需要在授权策略中指定。当前的策略符号为我们提供了将授权和义务表示为分布式系统管理的策略对象所需的结构。它们支持授权授权，但不支持义务授权，但这两种政策类型之间存在很强的关系，义务授权也需要得到支持，这就需要引入一种我们称之为“审查”的新政策类型。本文探讨了政策客体委托的一般原则，重点研究了义务委托。Alloy规范语言用于指定和说明这些原则。讨论的主要问题是:授权和义务政策之间的平衡;义务的来源和授权的理由;并需要审查政策，以帮助控制义务的授权。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Delegation of obligations

Obligation policies are one main means of exercising control within an organisation. They specify the actions that some subject has to perform. The authority over these actions needs to be specified in authorisation policies. Current policy notations provide us with the needed structure to represent authorisations and obligations as policy objects for distributed systems management. They support the delegation of authorisations but not of obligations, yet there is a strong relationship between the two policy types, and the delegation of obligations needs to be supported as well, requiring the introduction of a new type of policy which we call a "review". This paper investigates the general principles underlying the delegation of policy objects, putting specific emphasis on the delegation of obligations. The Alloy specification language is used to specify and illustrate these principles. The main issues that are discussed are: the balance between authorisation and obligation policies; the source of obligations and reasons for their delegation; and the need for review policies to help control the delegation of obligations.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings Third International Workshop on Policies for Distributed Systems and Networks

自引率

0.00%

发文量