Abstract
This paper discusses an interoperability solution (tool) for the internal management of a policy decision engine located in the authorization layer of a service-oriented environment. The tool aims to support federated access control in distributed architectures in which a local authorization policy is not able to recognize all the attributes in the authorization decision requests. The approach is based on an ontology-based interoperation service (OBIS), whose role is to translate security attributes (name-value pairs) from local security vocabularies into the attributes recognized by the central (Master Policy Decision Point) vocabulary. The translation is based on a security ontology and its domain-specific extensions, which provide semantic reasoning services. The approach is validated in an e-Health scenario for access to patient data for diabetes patient monitoring and disease management.
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ciuciu, I., Claerhout, B., Schilders, L., Meersman, R. (2011). Ontology-Based Matching of Security Attributes for Personal Data Access in e-Health. In: Meersman, R., et al. On the Move to Meaningful Internet Systems: OTM 2011. OTM 2011. Lecture Notes in Computer Science, vol 7045. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25106-1_13
DOI: https://doi.org/10.1007/978-3-642-25106-1_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25105-4
Online ISBN: 978-3-642-25106-1
eBook Packages: Computer Science (R0)