Conventional authorization mechanisms provide actors with permissions to act, without the actor ever incurring any obligations as a result of executing the permitted action. There exist, however, many situations where system integrity requires that certain actions always be followed by others, within some reasonable time frame. The authors propose an extension to conventional authorization which allows the explicit association of obligations with permissions, and enforces them. It is demonstrated that the extended mechanism can be used to support and enforce several general types of control policies and integrity constraints which are otherwise difficult or impossible to support.
|Original language||English (US)|
|Title of host publication||Proceedings - International Conference on Software Engineering|
|Number of pages||11|
|State||Published - Dec 1 1985|
All Science Journal Classification (ASJC) codes