A semantic-based access control mechanism using semantic technologies

To overcome the shortcomings of recent frameworks and mechanisms for semantic-based access control, this paper presents a semantic-based, context-aware, and multi-domain enabled framework that implements a semantic-based access control mechanism for the Semantic Web. The access control framework is based on the MA(DL)2 model, which takes the semantic relationships among different entities into account. The framework handles the Semantic Web context by classifying it and representing it through an ontology. Following the MA(DL)2 model, the framework assumes that the Semantic Web has some overlapping domains, each of which contains an authority and a security agent. The domain authority's responsibility is to specify the domain policies, and its agent's responsibility is to enforce them. The mechanism is designed using semantic technologies, which makes it fully consistent with the environment. The paper demonstrates the usability of the designed mechanism through some examples from an elections system case study.
