XML secure views using semantic access control

The OASIS eXtensible Access Control Markup Language (XACML) provides an interoperable tool for writing and enforcing access control policies based on attributes, i.e. characteristics of the entities that take part in the access, such as subjects or actions. Unfortunately, the attribute-based approach starts to show its limits when entities exhibit complex relationships, such as semantic relations, which would be easily captured using ontologies instead of attributes. This paper integrates the XACML attribute model with an OWL ontology and describes a practical privacy filtering application that filters information out of XML documents according to a set of XACML semantic privacy policies.
