Context Delegation for Context-Based Access Control

The capability to delegate access privileges is an essential component of access control policies. We present an ontology-based context delegation approach for context-based access control (CBAC). Our approach provides a dynamic and adaptive context delegation capability, and delegation does not cause any change to the underlying access control policy. We use Description Logic (DL) and Logic Programming (LP) technologies to model contexts, delegation and CBAC privileges, and we show how semantic-based techniques can support adaptive and dynamic context delegation for CBAC policies. We provide the formal framework of the approach and show that it is decidable and consistent.
