Using Description Logic and Rules to Determine XML Access Control

The quantity of generated information we store and need to access is colossal. Security of this information is becoming an issue of greater importance as the techniques and granularity with which it can be accessed become more advanced. Availability of information is a key component of any security system, although the information must be protected, it must also be available to the people who need it as and when they request it. However, increasing the methods by which it is accessable automatically increases the chance it may be compromised. Security systems are now using advanced levels of encryption, digital signatures containing biometric data and highly complex access control policies. We are proposing an access control system which reduces the complexity involved in defining authorisation permissions, particularly in structured documents such as XML where the user may be granted restricted access. Our solution employs techniques usually reserved for intelligent systems and the semantic web.

[1]  Ramanathan V. Guha,et al.  Varieties of Contexts , 2003, CONTEXT.

[2]  Sudhir Agarwal,et al.  Access control for semantic Web services , 2004 .

[3]  Sudhir Agarwal,et al.  Credential Based Access Control for Semantic Web Services , 2004 .

[4]  Amedeo Napoli,et al.  Querying a Bioinformatic Data Sources Registry with Concept Lattices , 2005, ICCS.

[5]  Michiharu Kudo,et al.  XML document security based on provisional authorization , 2000, CCS.

[6]  Peter Dolog,et al.  Robust Query Processing for Personalized Information Access on the Semantic Web , 2006, FQAS.

[7]  Luo Junzhou,et al.  Semantic access control in grid computing , 2005, 11th International Conference on Parallel and Distributed Systems (ICPADS'05).

[8]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[9]  Li Qin,et al.  Concept-level access control for the Semantic Web , 2003, XMLSEC '03.

[10]  Claudio Carpineto,et al.  GALOIS: An Order-Theoretic Approach to Conceptual Clustering , 1993, ICML.

[11]  Frank van Harmelen,et al.  Contextualizing ontologies , 2004, J. Web Semant..

[12]  Rokia Missaoui,et al.  INCREMENTAL CONCEPT FORMATION ALGORITHMS BASED ON GALOIS (CONCEPT) LATTICES , 1995, Comput. Intell..

[13]  José M. Troya,et al.  Applying the semantic Web layers to access control , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[14]  Pedro M. Domingos,et al.  Learning to map between ontologies on the semantic web , 2002, WWW '02.

[15]  Xiang Zhang,et al.  OREL: an ontology-based rights expression language , 2004, WWW Alt. '04.

[16]  Ernesto Damiani,et al.  Extending Policy Languages to the Semantic Web , 2004, ICWE.

[17]  Elisa Bertino,et al.  Controlled access and dissemination of XML documents , 1999, WIDM '99.

[18]  Ernesto Damiani,et al.  Securing XML Documents , 2000, EDBT.

[19]  John McCarthy,et al.  Generality in artificial intelligence , 1987, Resonance.