カンファレンス (国際) Data and Access Management Using Access Tokens for Delegating Authority to Persons and Software

Hidehito Gomi

The International Conference on Security and Cryptography (SECRYPT 2011)


Delegation of authority is an act whereby an entity delegates his or her rights to use personal information to another entity. It has most often been implemented in enterprise environments, but previous studies have focused little on the dynamic data and access management model or the design from a practical viewpoint. A data and access management model for the delegation of authority is proposed. In the proposed model, an access token that is an opaque string associated with authorized permission is issued and exchanged among users and entities across security domains. The framework enables fine-grained access control and permission assignment for delegated access by persons and software agents.