
Specification of History Based Constraints for Access Control in Conceptual Level

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 6503)

Abstract

An access control model for the Semantic Web should take into account the semantic relationships among entities defined at the abstract conceptual level (i.e., the ontology level). Authorization and policy specification based on a logical model let us infer implicit security policies from the explicit ones, based on the semantic relationships defined in the domains of subjects, objects, and actions. In this paper, we propose a logic-based access control model for the specification and inference of history-constrained access policies at the conceptual level of the Semantic Web. The proposed model (named TDLBAC-2) enables authorities to state policy rules based on the history of users’ accesses using a temporal description logic called \(\mathcal{DLR}_{US}\). The expressive power of the model is shown through seven different patterns for stating history-constrained access policies. The access decision algorithm designed for the model leverages the inference services of \(\mathcal{DLR}_{US}\), which facilitates the implementation of an enforcement system based on the proposed model. Sound inference, history-awareness, the ability to define access policies at the conceptual level, and preciseness are the main advantages of the proposed model.

Thanks to ITRC (Iran Telecommunication Research Center) for partial support of this work.



Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Faghih, F., Amini, M., Jalili, R. (2010). Specification of History Based Constraints for Access Control in Conceptual Level. In: Jha, S., Mathuria, A. (eds) Information Systems Security. ICISS 2010. Lecture Notes in Computer Science, vol 6503. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17714-9_14


  • DOI: https://doi.org/10.1007/978-3-642-17714-9_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-17713-2

  • Online ISBN: 978-3-642-17714-9

  • eBook Packages: Computer Science, Computer Science (R0)
