A SCHEME AND CONCEPT FOR LIMITED INHERITANCE OF PRIVILEGES IN A USER HIERARCHY

User hierarchy is a critical issue in the access control policy for in formation protection systems. The conventional user hierarchy structur e utilized over the past decades is discussed. Within this user hierar chy structure, a user is permitted to access all of the files of other users who are below him in the user hierarchy. However, this relation ship is not suitable for the following situation; users desire to keep some permissions of files private to themselves and free from access from superior users. In this paper, we shall propose a new user privil ege hierarchy to represent the relationship of limited inheritance. Fu rthermore, we also provide an effective and dynamic method that can pr ocure the relationships and the inheritable privileges among users in the user privilege hierarchy. (C) 1998 Elsevier Science Inc. All right s reserved.