Access restrictions to and with description logic web ontologies

Access restrictions are essential in standard information systems and became an issue for ontologies in the following two aspects. Ontologies can represent explicit and implicit knowledge about an access policy. For this aspect we provided a methodology to represent and systematically complete role-based access control policies. Orthogonally, an ontology might be available for limited reading access. Independently of a specific ontology language or reasoner, we provided a lattice-based framework to assign labels to an ontology’s axioms and consequences. We looked at the problems to compute and repair one or multiple consequence labels and to assign a query-based access restriction. An empirical evaluation has shown that the algorithms perform well in practical scenarios with large-scale ontologies.

[1]  Simon Schenk On the Semantics of Trust and Caching in the Semantic Web , 2008, International Semantic Web Conference.

[2]  Rafael Peñaloza,et al.  Pinpointing in the Description Logic EL , 2007, Description Logics.

[3]  Val Tannen,et al.  Provenance semirings , 2007, PODS.

[4]  Ravi S. Sandhu,et al.  The NIST model for role-based access control: towards a unified standard , 2000, RBAC '00.

[5]  Matthias Heinrich,et al.  MODDO-A TAILORED DOCUMENTATION SYSTEM FOR MODEL-DRIVEN SOFTWARE DEVELOPMENT , 2008 .

[6]  Aïcha Mokhtari,et al.  Representation and Reasoning on ORBAC: Description Logic with Defaults and Exceptions Approach , 2008, 2008 Third International Conference on Availability, Reliability and Security.

[7]  Stefan Schlobach,et al.  Non-Standard Reasoning Services for the Debugging of Description Logic Terminologies , 2003, IJCAI.

[8]  James A. Hendler,et al.  Analyzing web access control policies , 2007, WWW '07.

[9]  Boris Motik,et al.  Optimized Reasoning in Description Logics Using Hypertableaux , 2007, CADE.

[10]  Nicholas V. Findler,et al.  Associative Networks- Representation and Use of Knowledge by Computers , 1980, CL.

[11]  Diego Calvanese,et al.  View-Based Query Answering over Description Logic Ontologies , 2008, KR.

[12]  F. Baader Computing Boundaries for Reasoning in Sub-Ontologies , 2009 .

[13]  Huajun Chen,et al.  The Semantic Web , 2011, Lecture Notes in Computer Science.

[14]  Ian Horrocks,et al.  Ordering Heuristics for Description Logic Reasoning , 2005, IJCAI.

[15]  Ian Horrocks,et al.  OWL Web Ontology Language Reference-W3C Recommen-dation , 2004 .

[16]  Vijay Varadharajan,et al.  Role-based access control and the access control matrix , 2001, OPSR.

[17]  Benedict G. E. Wiedemann Protection? , 1998, Science.

[18]  Rafael Peñaloza,et al.  Axiom Pinpointing in General Tableaux , 2007, TABLEAUX.

[19]  Boris Motik,et al.  Reducing SHIQ-Description Logic to Disjunctive Datalog Programs , 2004, KR.

[20]  Joachim Biskup,et al.  Reducing inference control to access control for normalized database schemas , 2008, Inf. Process. Lett..

[21]  Gerd Stumme,et al.  Attribute Exploration with Background Implications and Exceptions , 1996 .

[22]  Yarden Katz,et al.  Pellet: A practical OWL-DL reasoner , 2007, J. Web Semant..

[23]  Jan Hladik,et al.  RBAC AUTHORIZATION DECISION WITH DL REASONING , 2008 .

[24]  Vassilis Christophides,et al.  Coloring RDF Triples to Capture Provenance , 2009, SEMWEB.

[25]  Sunita Sarawagi,et al.  Information Extraction , 2008 .

[26]  Martin Knechtel Access rights and collaborative ontology integration for reuse across security domains ? , 2008 .

[27]  Nematollaah Shiri,et al.  Description Logic Framework for Access Control and Security in Object-Oriented Systems , 2007, RSFDGrC.

[28]  Rafael Peñaloza,et al.  A Generic Approach for Correcting Access Restrictions to a Consequence , 2010, ESWC.

[29]  Frithjof Dau,et al.  Access Policy Design Supported by FCA Methods , 2009, ICCS.

[30]  Lenhart K. Schubert,et al.  THE STRUCTURE AND ORGANIZATION OF A SEMANTIC NET FOR COMPREHENSION AND INFERENCE , 1979 .

[31]  Boris Motik,et al.  OWL 2 Web Ontology Language: structural specification and functional-style syntax , 2008 .

[32]  Sebastian Rudolph,et al.  All Elephants are Bigger than All Mice , 2008, Description Logics.

[33]  L. Stein,et al.  OWL Web Ontology Language - Reference , 2004 .

[34]  Li Qin,et al.  Concept-level access control for the Semantic Web , 2003, XMLSEC '03.

[35]  Rafael Peñaloza,et al.  Correcting Access Restrictions to a Consequence , 2010, Description Logics.

[36]  Raymond Reiter,et al.  A Theory of Diagnosis from First Principles , 1986, Artif. Intell..

[37]  B. Bouchon-Meunier,et al.  Inconsistency degree computation for possibilistic description logic: an extension of the tableau algorithm , 2008, NAFIPS 2008 - 2008 Annual Meeting of the North American Fuzzy Information Processing Society.

[38]  Brian A. Davey,et al.  An Introduction to Lattices and Order , 1989 .

[39]  Ravi S. Sandhu,et al.  Lattice-based access control models , 1993, Computer.

[40]  Daniel Schuster,et al.  Semantische Integration und Wiederverwendung von Produktontologien für offene Marktplätze im Web , 2014, GeNeMe.

[41]  Raphael Volz,et al.  Cooking the Semantic Web with the OWL API , 2003, SEMWEB.

[42]  Franz Baader,et al.  Pushing the EL Envelope , 2005, IJCAI.

[43]  Thomas R. Gruber,et al.  A translation approach to portable ontology specifications , 1993, Knowl. Acquis..

[44]  Matthias Heinrich,et al.  A platform to automatically generate and incorporate documents into an ontology-based content repository , 2009, DocEng '09.

[45]  Michael Niemann,et al.  Countering Service Information Challenges in the Internet of Services , 2009, Bus. Inf. Syst. Eng..

[46]  M R Quillian,et al.  Word concepts: a theory and simulation of some basic semantic capabilities. , 1967, Behavioral science.

[47]  Ian Horrocks,et al.  Privacy-Preserving Query Answering in Logic-based Information Systems , 2008, ECAI.

[48]  Heiner Stuckenschmidt,et al.  A Model-driven Approach to enable Access Control for Ontologies , 2009, Wirtschaftsinformatik.

[49]  Bernhard Ganter,et al.  Formal Concept Analysis: Mathematical Foundations , 1998 .

[50]  Boris Motik,et al.  Reducing {$\mathcal SHIQ^-$} Description Logic to Disjunctive Datalog Programs , 2004, KR 2004.

[51]  Roberto Tamassia,et al.  A Role and Attribute Based Access Control System Using Semantic Web Technologies , 2007, OTM Workshops.

[52]  James A. Hendler,et al.  Debugging unsatisfiable classes in OWL ontologies , 2005, J. Web Semant..

[53]  Val Tannen,et al.  Provenance for database transformations , 2008, EDBT '10.

[54]  Jeff Z. Pan,et al.  Finding Maximally Satisfiable Terminologies for the Description Logic ALC , 2006, AAAI.

[55]  Jie Bao,et al.  Privacy-Preserving Reasoning on the SemanticWeb , 2007, IEEE/WIC/ACM International Conference on Web Intelligence (WI'07).

[56]  Ravi S. Sandhu,et al.  Configuring role-based access control to enforce mandatory and discretionary access control policies , 2000, TSEC.

[57]  Marvin Minsky,et al.  A framework for representing knowledge , 1974 .

[58]  Guilin Qi,et al.  A Tableau Algorithm for Possibilistic Description Logic , 2008, ASWC.

[59]  Jan Hladik,et al.  Using OWL DL Reasoning to Decide about authorization in RBAC , 2008, OWLED.

[60]  Ulrike Sattler,et al.  Mary Likes all Cats , 2000, Description Logics.

[61]  Franz Baader,et al.  Debugging SNOMED CT Using Axiom Pinpointing in the Description Logic EL+ , 2008, KR-MED.

[62]  Bernhard Ganter,et al.  Implications in Triadic Formal Contexts , 2004, ICCS.

[63]  Chen Zhao,et al.  An OWL-Based Approach for RBAC with Negative Authorization , 2006, KSEM.

[64]  Bernhard Ganter,et al.  Completing Description Logic Knowledge Bases Using Formal Concept Analysis , 2007, IJCAI.

[65]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[66]  Rafael Peñaloza,et al.  A Generic Approach for Large-Scale Ontological Reasoning in the Presence of Access Restrictions to the Ontology's Axioms , 2009, International Semantic Web Conference.

[67]  Joachim Biskup Security in Computing Systems - Challenges, Approaches and Solutions , 2008 .

[68]  P. Burmeister Formal concept analysis with ConImp : introduction to the basic features , 2003 .

[69]  Franz Baader,et al.  CEL - A Polynomial-Time Reasoner for Life Science Ontologies , 2006, IJCAR.

[70]  Amit Jain,et al.  Secure resource description framework: an access control model , 2006, SACMAT '06.

[71]  Diego Calvanese,et al.  The Description Logic Handbook: Theory, Implementation, and Applications , 2003, Description Logic Handbook.

[72]  Ronald J. Brachman,et al.  What IS-A Is and Isn't: An Analysis of Taxonomic Links in Semantic Networks , 1983, Computer.

[73]  Ian Horrocks,et al.  The Even More Irresistible SROIQ , 2006, KR.

[74]  Dorothy E. Denning,et al.  A lattice model of secure information flow , 1976, CACM.

[75]  Nematollaah Shiri,et al.  Formalization of RBAC Policy with Object Class Hierarchy , 2007, ISPEC.

[76]  Bhavani M. Thuraisingham,et al.  ROWLBAC: representing role based access control in OWL , 2008, SACMAT '08.

[77]  Heiner Stuckenschmidt,et al.  Query-Based Access Control for Ontologies , 2010, RR.

[78]  Sylvia L. Osborn,et al.  Specifying an Access Control Model for Ontologies for the Semantic Web , 2005, Secure Data Management.

[79]  Chen Zhao,et al.  Representation and Reasoning on RBAC: A Description Logic Approach , 2005, ICTAC.

[80]  Rafael Peñaloza,et al.  Automata-Based Axiom Pinpointing , 2010, Journal of Automated Reasoning.

[81]  Ian Horrocks DAML+OIL: A Reason-able Web Ontology Language , 2002, EDBT.

[82]  Li Ma,et al.  Explorations in the use of semantic web technologies for product information management , 2007, WWW '07.

[83]  Ian Horrocks,et al.  DAML+OIL: A Reason-able Web Ontology Language , 2002, EDBT.

[84]  Volker Haarslev,et al.  RACER System Description , 2001, IJCAR.

[85]  Boontawee Suntisrivaraporn,et al.  Polynomial time reasoning support for design and maintenance of large-scale biomedical ontologies , 2008 .

[86]  P. Hayes The Logic of Frames , 1981 .

[87]  Jianfeng Du,et al.  Extending description logics with uncertainty reasoning in possibilistic logic , 2007, Int. J. Intell. Syst..

[88]  Mike Cohn,et al.  User Stories Applied: For Agile Software Development , 2004 .

[89]  Bijan Parsia,et al.  Finding All Justifications of OWL DL Entailments , 2007, ISWC/ASWC.

[90]  Sushil Jajodia,et al.  The inference problem: a survey , 2002, SKDD.

[91]  Andreas Abecker,et al.  Semantic Web Services: Concepts, Technologies, and Applications , 2010 .

[92]  Andreas Gaag,et al.  Entwicklung einer Ontologie zur funktionsorientierten Lösungssuche in der Produktentwicklung , 2010 .

[93]  Bernhard Ganter,et al.  Two Basic Algorithms in Concept Analysis , 2010, ICFCA.

[94]  Andreas Kohn,et al.  Function-Based Solution Retrieval and Semantic Search in Mechanical Engineering , 2009 .