Abstract
Security and privacy are important components of the Semantic Web; the need for research in this area is widely recognized. In this paper we propose a model that regulates access control on ontologies developed for the Semantic Web. Based on the Role Graph Model, our work models the ontology resources as directed, acyclic graphs, incorporating the basic features of the OWL Lite language. We also show how the privileges are propagated and how we can use constraints to deny access to resources in the Semantic Web, an environment where information can be easily accessed through logic inferences.
This research was supported by the Natural Sciences and Engineering Research Council of Canada.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Adam, N.R., Atluri, V., Bertino, E., Ferrari, E.: A content-based authorization model for digital libraries. IEEE Transactions Knowledge and Data Engineering 14(2), 296–315 (2002)
Bertino, E., Castano, S., Ferrari, E.: On specifying security policies for web documents with an XML-based language. In: 6th ACM Symposium on Access Control Models and Technologies (SACMAT 2001), pp. 57–65 (2001)
Bertino, E., Ferrari, E.: Secure and selective dissemination of XML documents. ACM TISSEC 5(3), 290–331 (2002)
Damiani, E., De Di Capitani Vimercati, S., Paraboschi, S., Samarati, P.: Design and implementation of an access control processor for XML documents. Computer Networks 33(6), 59–75 (2000)
Damiani, E., De di Capitani Vimercati, S., Paraboschi, S., Samarati, P.: Fine-grained access control system for XML documents. ACM Trans. on Information and System Security 5(2), 169–202 (2002)
Denker, G., Kagal, L., Finin, T., Paolucci, M., Sycara, K.: Security for DAML web services: Annotation and matchmaking. In: Fensel, D., Sycara, K., Mylopoulos, J. (eds.) ISWC 2003. LNCS, vol. 2870, pp. 335–350. Springer, Heidelberg (2003)
Eastlake, D., Reagle, J.: XML encryption syntax and processing. W3C Candidate Recommendation (August 2002)
Eastlake, D., Reagle, J., Solo, D.: XML-signature syntax and processing. RFC 3275 (March 2002)
Fensel, D., Hendler, J., Lieberman, H., Wahlster, W.: Spinning the Semantic Web: Bringing the World Wide Web to Its Full Potential. MIT Press, Cambridge (2003)
Finin, T., Joshi, A.: Agents, trust, and information access on the semantic web. SIGMOD Record 31(4), 30–35 (2002)
Housley, R., Polk, W., Ford, W., Solo, D.: Internet x.509 public key infrastructure certificate and certificate revocation list. RFC 3280 (April 2002)
Ionita, C.M., Osborn, S.L.: Privilege administration for the role graph model. In: Research Directions in Data and Applications Security, Proc. IFIP WG11.3 Working Conference on Database Security, pp. 15–25. Kluwer Academic Publishers, Dordrecht (2003)
Kagal, L., Finin, T., Joshi, A.: A policy based approach to security for the semantic web. In: Fensel, D., Sycara, K., Mylopoulos, J. (eds.) ISWC 2003. LNCS, vol. 2870, pp. 402–418. Springer, Heidelberg (2003)
Kim, A., Hoffman, L.J., Martin, C.D.: Building privacy into the semantic web: An ontology needed now. In: Proc. of the International Workshop on the Semantic Web, Honolulu, Hawaii (May 2002)
Nyanchama, M., Osborn, S.L.: The role graph model and conflict of interest. ACM TISSEC 2(1), 3–33 (1999)
Osborn, S., Guo, Y.: Modeling users in role-based access control. In: Fifth ACM Workshop on Role-Based Access Control, Berlin, Germany, pp. 31–38 (July 2000)
Qin, L., Atluri, V.: Concept-level access control for the semantic web. In: Proc. of the ACM Workshop on XML Security (October 2003)
Rabitti, F., Bertino, E., Kim, W., Woelk, D.: A model of authorization for next-generation database systems. ACM Trans Database Syst. 16(1), 88–131 (1991)
Samarati, P., Bertino, E., Jajodia, S.: An authorization model for a distributed hypertext system. IEEE Trans. on Knowledge and Data Engineering 8(4), 555–562 (1996)
Sandhu, R., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Computer 29, 38–47 (1996)
Stoica, A., Farkas, C.: Ontology guided security engine. Journal of Intelligent Information Systems (2004)
w3.org. Resource description framework, http://www.w3.org/TR/rdf-schema/
Wang, J., Osborn, S.L.: A role-based approach to access control for XML databases. In: Proc. ACM SACMAT (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ionita, C.M., Osborn, S.L. (2005). Specifying an Access Control Model for Ontologies for the Semantic Web. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2005. Lecture Notes in Computer Science, vol 3674. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11552338_6
Download citation
DOI: https://doi.org/10.1007/11552338_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28798-8
Online ISBN: 978-3-540-31974-0
eBook Packages: Computer ScienceComputer Science (R0)