Access Control Policies for Semantic Networks

“…Early work on semantic access control policies by [11] was based on RBAC. However, most of the recent work in this area is based on ABAC [4], [1], [2]. We propose an integrated approach which will include a number of access control models and will be flexible enough to represent access control both inside the enterprise and on the web.…”

“…Although Kolovski et al [14] propose a description logics formalisation for XACML it also does not consider policy propagation based on the semantic relationship between entities. Concept-level access control (CLAC) [4], semantic-based access control (SBAC) [1] and the semantic network access control model proposed by [2] all focus on the policy specification and reasoning in the conceptual layer of the semantic aware environment. Qin et al [4] allow propagation of access controls based on the semantic relationships among concepts.…”

“…Qin et al [4] allow propagation of access controls based on the semantic relationships among concepts. [1], [2] and [3] enhance the semantic relations by allowing propagation based on the semantic relationships between the subjects, objects, and permissions. The framework proposed in Amini et al [3] enables the specification of policy rules in both conceptual and ground levels.…”

“…Although [3] caters for many of the features listed above it does not support exception policies and more importantly their policy language is not based on standards and as such raises questions with respect to usability and interoperability. The framework detailed in [2] is the closest match for our requirements. However, they do not take existing policy representation and provenance into consideration and it is not clear the extent of their use of existing standard based technologies.…”

“…In recent years, there has been a great deal of research into the use of policies for access control [1], [2] and [3]. The term "policy", in this context, is used to refer to the access control model which describes the blueprint, the policy language which defines both the syntax and the semantics of the rules and the framework which is a combination of the access control model, the language and the enforcement mechanism.…”

DC Proposal: Knowledge Based Access Control Policy Specification and Enforcement

“…Early work on semantic access control policies by [11] was based on RBAC. However, most of the recent work in this area is based on ABAC [4], [1], [2]. We propose an integrated approach which will include a number of access control models and will be flexible enough to represent access control both inside the enterprise and on the web.…”

“…Although Kolovski et al [14] propose a description logics formalisation for XACML it also does not consider policy propagation based on the semantic relationship between entities. Concept-level access control (CLAC) [4], semantic-based access control (SBAC) [1] and the semantic network access control model proposed by [2] all focus on the policy specification and reasoning in the conceptual layer of the semantic aware environment. Qin et al [4] allow propagation of access controls based on the semantic relationships among concepts.…”

“…Qin et al [4] allow propagation of access controls based on the semantic relationships among concepts. [1], [2] and [3] enhance the semantic relations by allowing propagation based on the semantic relationships between the subjects, objects, and permissions. The framework proposed in Amini et al [3] enables the specification of policy rules in both conceptual and ground levels.…”

“…Although [3] caters for many of the features listed above it does not support exception policies and more importantly their policy language is not based on standards and as such raises questions with respect to usability and interoperability. The framework detailed in [2] is the closest match for our requirements. However, they do not take existing policy representation and provenance into consideration and it is not clear the extent of their use of existing standard based technologies.…”

“…In recent years, there has been a great deal of research into the use of policies for access control [1], [2] and [3]. The term "policy", in this context, is used to refer to the access control model which describes the blueprint, the policy language which defines both the syntax and the semantics of the rules and the framework which is a combination of the access control model, the language and the enforcement mechanism.…”

DC Proposal: Knowledge Based Access Control Policy Specification and Enforcement

Big Data Curation

Protect Your RDF Data!