Ontology-Based RBAC Specification for Interoperation in Distributed Environment

  • Conference paper
The Semantic Web – ASWC 2006 (ASWC 2006)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 4185)

Abstract

Today, the formulation, specification, and verification of adequate data protection policies in open distributed environments appear as the main challenge to address concerning authorization. Role-based access control models have attracted considerable research interest in recent years due to their innate ability to model organizational structure and their potential to reduce administrative overheads. This paper proposes an ontology specification to describe the Role-Based Access Control model and extends it with a general context expression. Based on these definitions, the specification for interoperation in a distributed environment is introduced. The work includes a definition of an ontology to describe the concepts and a declaration of rules to make the relationships between concepts explicit. The ontology-based approach can express security policy with semantic information and provide a machine interpretation for descriptions of policy in open distributed environments.

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wu, D., Chen, X., Lin, J., Zhu, M. (2006). Ontology-Based RBAC Specification for Interoperation in Distributed Environment. In: Mizoguchi, R., Shi, Z., Giunchiglia, F. (eds) The Semantic Web – ASWC 2006. ASWC 2006. Lecture Notes in Computer Science, vol 4185. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11836025_19

  • DOI: https://doi.org/10.1007/11836025_19

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-38329-1

  • Online ISBN: 978-3-540-38331-4

  • eBook Packages: Computer Science (R0)
