A Semantic aware Access Control model with real time constraints on history of accesses

With the advent of semantic technology, access control cannot be done in a safe way unless the access decision takes into account the semantic relationships among the entities in a semantic-aware environment. The SBAC model considers this issue in its decision-making process. However, time plays a crucial role in new computing environments, and the model does not support it. In this paper we introduce the Temporal Semantic Based Access Control model (TSBAC), as an extension of SBAC, which enhances the specification of user-defined authorization rules by constraining time interval and temporal expression over users' history of accesses. A formal semantics for temporal authorizations is provided, and conflicting situations (due to the semantic relations of the SBAC model and a sub-interval relation between authorizations) are investigated and resolved in our proposed model. An architecture for the access control system based on the proposed model is presented, and finally, we discuss and evaluate TSBAC.
