Abstract
Access control is a challenging problem for web service due to its open and distributed nature, which has not been addressed properly at present. In this paper, we show how semantic web technologies can be used to build a flexible access control system for web service. Role-based Access Control model is followed and extended with credentials. The access control model is represented by an OWL-DL ontology, and specific semantic rules are constructed to implement such as dynamic roles assignment, separation of duty constraints and roles hierarchy reasoning, etc. These semantic rules can be verified and executed automatically by the reasoning engine, which can simplify the definition and enhance the interoperability of the access control policies. A prototype implementation is also provided to validate the proposal.
Keywords
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Singhal, A., Winograd, T., Scarfone, K.: Guide to Secure Web Service. NIST Special Publication 800-95 (2007)
Coetzee, M., Eloff, J.: Towards Web Service Access Control. Computers & Security 23, 559–570 (2004)
Bartoletti, M., Degano, P., Ferrari, G., Zunino, R.: Semantics-Based Design for Secure Web Services. IEEE Transactions on Software Engineering 34(1), 33–49 (2008)
David, F., Ravi, S., Serban, G.: Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and System Security 4(3), 224–274 (2001)
Lorenzo, C., Isabel, F.C., Roberto, T.: A Role and Attribute Based Access Control System Using Semantic Web Technologies. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM-WS 2007, Part II. LNCS, vol. 4806, pp. 1256–1266. Springer, Heidelberg (2007)
Eric, Y., Jin, T.: Attributed based access control for Web services. In: IEEE International Conference on Web Services, pp. 561–569 (2005)
Priebe, T., Dobmeier, W., Kamprath, N.: Supporting Attribute-based Access Control in Authorization and Authentication Infrastructures with Ontologies. Journal of Software 2(1), 27–38 (2007)
Bhatti, R., Bertino, E., Ghafoor, A., Joshi, J.: XML-based Specification for Web Services Document Security. IEEE Computer 37(4), 41–49 (2004)
Wu, M., Chen, J.X., Ding, Y.S.: Role-Based Access Control for Web Services. WSEAS Transactions on Information Science and Applications 3(8), 1553–1558 (2006)
W3C: OWL Web Ontology Language Reference (2004), http://www.w3.org/TR/2004/REC-owl-ref-20040210/
W3C: SWRL: A Semantic Web Rule Language Combining OWL and RuleML (2004), http://www.w3.org/Submission/SWRL/
Finin, T., Joshi, A., Kagal, L., et al.: ROWLBAC: Representing Role Based Access Control in OWL. In: 13th ACM Symposium on Access Control Models and Technologies, Colorado, USA, pp. 73–82 (2008)
Knechtel, M., Hladik, J.: RBAC Authorization Decision with DL Reasoning. In: IADIS International Conference WWW/Internet, pp. 169–176 (2008)
Toninelli, A., Montanari, R., Kagal, L., Lassila, O.: A semantic context-aware access control framework for secure collaborations in pervasive computing environments. In: Cruz, I., Decker, S., Allemang, D., Preist, C., Schwabe, D., Mika, P., Uschold, M., Aroyo, L.M. (eds.) ISWC 2006. LNCS, vol. 4273, pp. 473–486. Springer, Heidelberg (2006)
Zhao, C., Heilili, N., Liu, S.: Representation and Reasoning on RBAC: A Description Logic Approach. In: Van Hung, D., Wirsing, M. (eds.) ICTAC 2005. LNCS, vol. 3722, pp. 381–393. Springer, Heidelberg (2005)
Chae, J.H., Shiri, N.: Formalization of RBAC policy with object class hierarchy. In: Dawson, E., Wong, D.S. (eds.) ISPEC 2007. LNCS, vol. 4464, pp. 162–176. Springer, Heidelberg (2007)
Wu, D., Lin, J.: Using Semantic Web Technologies to Specify Constraints of RBAC. In: 6th International Conference on Parallel and Distributed Computing, Applications and Technologies, pp. 543–545 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
He, Z., Huang, K., Wu, L., Li, H., Lai, H. (2010). Using Semantic Web Techniques to Implement Access Control for Web Service. In: Zhu, R., Zhang, Y., Liu, B., Liu, C. (eds) Information Computing and Applications. ICICA 2010. Communications in Computer and Information Science, vol 105. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16336-4_34
Download citation
DOI: https://doi.org/10.1007/978-3-642-16336-4_34
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16335-7
Online ISBN: 978-3-642-16336-4
eBook Packages: Computer ScienceComputer Science (R0)