A Secure and Flexible Method of Permission Delegation Between Different Account Types

User management systems face several security issues in access control while dealing with different user account types. Providing distinct users with required access rights demands more control and supervision. The majority of the proposed works focus on the attribute or group membership delegation, which can have severe consequences. On the other hand, those that cover permission delegation miss a proper revocation method. This study aims to fill this security gap in access management systems. Applying a security level-based approach to both users and permissions, as well as grouping them into different categories based on security requirements, decrease administrative workload while increasing functionality. Proposed delegation model has been supported with a proper revocation algorithm.