Applying the semantic Web layers to access control

The Semantic Web, also known as the Web of meaning, is considered the new generation of the Web. Its objective is to enable computers and people to work in cooperation. A requisite for this is encoding data in forms that make web contents (meaning, semantics) more understandable by algorithmic means. In this paper, we present the application of semantic Web concepts and technologies to the access control area. The Semantic Access Control Model (SAC) uses different layers of metadata to take advantage of the semantics of the different components relevant for the access decision. We have developed a practical application of this access control model based on a specific language, denominated Semantic Policy Language (SPL), for the description of access criteria. This work demonstrates how the semantic web concepts and its layers infrastructure may play an important role in many relevant fields, such as the case of access control and authorization fields.

[1]  José M. Troya,et al.  A secure solution for commercial digital libraries , 2003, Online Inf. Rev..

[2]  Milojko Jevtović Protection of computer networks , 2005 .

[3]  José M. Troya,et al.  A Semantic Approach for Access Control in Web Services , 2002, EuroWeb.

[4]  Teresa F. Lunt,et al.  A MAC Policy Framework for Multilevel Relational Databases , 1996, IEEE Trans. Knowl. Data Eng..

[5]  Simon S. Lam,et al.  Designing a distributed authorization service , 1998, Proceedings. IEEE INFOCOM '98, the Conference on Computer Communications. Seventeenth Annual Joint Conference of the IEEE Computer and Communications Societies. Gateway to the 21st Century (Cat. No.98.

[6]  Sabrina De Capitani di Vimercati,et al.  Access Control: Policies, Models, and Mechanisms , 2000, FOSAD.

[7]  Antonio Maña,et al.  XML-Based Distributed Access Control System , 2002, EC-Web.

[8]  Bhavani M. Thuraisingham,et al.  Guest Editors' Introduction to the Special Issue on Secure Database Systems Technology , 1996, IEEE Trans. Knowl. Data Eng..

[9]  José M. Troya,et al.  Integrating PMI services in CORBA applications , 2003, Comput. Stand. Interfaces.