Abstract
Access control is one of the essential and traditional security weapons of data protection. In open and complex environments such as the Internet or cloud computing, the decision to grant access to a resource must ensure secure management, with specific attention to privacy and data protection regulations. In recent years, many access control models and languages have been proposed. Despite increasing legislative pressure, few of these proposals take privacy requirements into account in their specifications. In this paper we propose to enforce privacy compliance in access control policies. Based on a semantic modeling approach, specifically formal ontology, we will try to incorporate data protection legislation requirements into policy specification and implementation. This aims to abstract the complexity of expressing legal requirements and to facilitate their automation and enforcement at execution level. Indeed, at run time, the interoperability of diverse information and the reference to the text of the law are addressed in a novel manner.
Notes
1. XACML privacy profile is a new profile proposed by the last XACML version 3.0 (at the time of writing this paper).
2. Personally identifiable information.
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Belaazi, M., Rahmouni, H.B., Bouhoula, A. (2016). An Ontology Regulating Privacy Oriented Access Controls. In: Lambrinoudakis, C., Gabillon, A. (eds) Risks and Security of Internet and Systems. CRiSIS 2015. Lecture Notes in Computer Science, vol 9572. Springer, Cham. https://doi.org/10.1007/978-3-319-31811-0_2
DOI: https://doi.org/10.1007/978-3-319-31811-0_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-31810-3
Online ISBN: 978-3-319-31811-0
eBook Packages: Computer Science, Computer Science (R0)