ABSTRACT
Access delegation regulates the process that an authorized user transfer part or total of his/her permissions to another user who is otherwise not authorized to have such access. The reverse concept of access delegation is access revocation, which deprives a group of specific access permissions that were granted previously in delegation process. The objectives of delegation are to ask someone to finish a job or invite someone to participant a collaborative work. Access control systems should support access delegation to satisfy the requirement from real world, otherwise users may perceive security as a hindrance, especially in distributed or collaborative environment. In access delegation, a delegator is the inviter who grants some permissions to a invitee and a delegatee is the invitee who receive the permissions.
