Fast semantic Attribute-Role-Based Access Control (ARBAC) in a collaborative environment

This paper is an early report of our continuing effort to provide a platform-independent framework in which information originators and security administrators can specify access rights to information consistently and completely, and in which that specification is then rigorously enforced. To accomplish this objective, it is necessary to link a security policy model to a policy language with sufficient expressive power to ensure logical consistency. For the purposes of this research, we are using a modified Attribute-Role-Based Access Control (ARBAC) security model and the Web Ontology Language (OWL), with additional rules in a logic programming framework, to express access policy, going beyond the limitations of previous attempts in this vein. In addition, we are developing a mechanism based on knowledge compilation techniques that allows access policy constraint checking to be implemented in real time, via a bit-vector encoding that can be used for rapid run-time reasoning.
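
The idea of compiling policy offline into bit vectors so that the run-time check is a pair of bitwise operations can be sketched as follows. This is an added example, not the authors' implementation: the paper's actual encoding is not given on this page, and the role names, attributes, policy table and function names are constructed assumptions.

```python
# Added illustration with constructed data; not the paper's own encoding.
from functools import reduce

# Constructed hierarchy: role -> junior roles whose permissions it inherits.
ROLE_JUNIORS = {
    "analyst": [],
    "senior_analyst": ["analyst"],
    "team_lead": ["senior_analyst"],
    "auditor": [],
}
ATTRIBUTES = ["cleared_secret", "on_site", "project_alpha"]
ROLE_BIT = {r: 1 << i for i, r in enumerate(ROLE_JUNIORS)}
ATTR_BIT = {a: 1 << i for i, a in enumerate(ATTRIBUTES)}

def mask(names, table):
    """OR together the bits of every known name; unknown names grant nothing."""
    return reduce(lambda acc, n: acc | table.get(n, 0), names, 0)

def compile_role_closure(juniors):
    """Offline step: fold the transitive hierarchy into one integer per role."""
    closure = {}
    def visit(role, stack=()):
        if role in stack:
            raise ValueError(f"cycle in role hierarchy at {role!r}")
        if role not in closure:
            bits = ROLE_BIT[role]
            for junior in juniors[role]:
                bits |= visit(junior, stack + (role,))
            closure[role] = bits
        return closure[role]
    for role in juniors:
        visit(role)
    return closure

ROLE_CLOSURE = compile_role_closure(ROLE_JUNIORS)

# Compiled policy: resource -> (roles allowed to read, attributes all required).
POLICY = {
    "alpha_report": (mask(["senior_analyst"], ROLE_BIT),
                     mask(["cleared_secret", "project_alpha"], ATTR_BIT)),
    "audit_log": (mask(["auditor"], ROLE_BIT), mask(["on_site"], ATTR_BIT)),
}

def is_permitted(role, attrs, resource):
    """Run-time check: two bitwise ANDs, no graph walk or rule evaluation."""
    if resource not in POLICY or role not in ROLE_CLOSURE:
        return False  # default deny for unknown roles or resources
    allowed_roles, required = POLICY[resource]
    held = mask(attrs, ATTR_BIT)
    return bool(ROLE_CLOSURE[role] & allowed_roles) and (held & required) == required
```

The hierarchy is walked once at compile time, so a change to roles or policy means recompiling the tables rather than re-running inference on each request.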
