In a paper based privilege management system, a resource owner (e.g. the Financial Director of a company, or the Computer Centre Manager) will sign a form to say that a particular person (the privilege holder) is allowed to use a particular resource in a particular way. E.g. The Financial Director may say that a Head of Department can sign orders up to the value of so many thousand Euros, or the Computer Centre Manager may sign a form authorising a user to use particular computing resources. Paper based systems may also support delegation, whereby a privilege holder is allowed to delegate the use of the resources currently under his control, to one or more other people. E.g. the Head of Department authorises a project manager to sign orders for his project up to a pre-determined sum.
The right in a position to exercise discretion in making decisions affecting others.
Its an Power in An Organization
It is a relationship between two individuals
Superior frames & transits decisions with the expectation that these will be accepted by the subordinate
Basic objective behind authority is to influence the behavior of subordinates
The delegate should act in his own name, not in yours
Then a full audit trail can be kept of who did what
The delegate should have limited authority
So that you can delegate a fraction of your powers
Er.Sartaj Singh Bajwa
Assigning and Delegating Privileges in Organisations Resource Owner “ I authorise this Privilege Holder to use this resource in the following ways” signed The Resource Owner Privilege Holder “ I delegate authority to this End User to use this resource in this limited way” signed The Privilege Holder End User (Privilege Holder) Assigns privilege to Delegates privilege to “ Can I use the Resource” Er.Sartaj Singh Bajwa