论文信息 - Using Semantic Web Technologies to Specify Constraints of RBAC

Using Semantic Web Technologies to Specify Constraints of RBAC

Role-based access control (RBAC) models have generated a great interest in the security community as a powerful and generalized approach to security management. One of important aspects in RBAC is constraints that constrain what components in RBAC are allowed to do. There are lots of research have been achieved to specify constraints for secure system developers. However more work is need urgently to met requirements for interoperability of machine and people understandable constraints specification in open and distributed environment. In this paper we propose another approach to specify constraints using Semantic Web technologies. The Web Ontology Language (OWL) specification of basic RBAC components and constraints are described in detail.

Lin Jian | Wu Di | Zhu Miaoliang | Dong Yabo

[1] Trent Jaeger,et al. An access control model for simplifying constraint expression , 2000, CCS.

[2] Vijay Varadharajan,et al. Tower: A Language for Role Based Access Control , 2001, POLICY.

[3] Jean Bacon,et al. A model of OASIS role-based access control and its support for active security , 2001, TSEC.

[4] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.

[5] L. Stein,et al. OWL Web Ontology Language - Reference , 2004 .

[6] James A. Hendler,et al. The Semantic Web" in Scientific American , 2001 .

[7] Pingzhi Fan,et al. Proceedings of the 5th international conference on Parallel and Distributed Computing: applications and Technologies , 2004 .