Semantic-Web style metadata for advanced context representation and domain knowledge are likely to play a more and more important role within access control models and languages. This paper outlines how context metadata can be referred to in semantics-aware access control policies and discusses the main open issues in designing, producing, and maintaining metadata for security.
Abstract
INTRODUCTIONIt is widely recognized that a well-understood model and a highly expressive language for access control are of paramount importance in today's global network environment. A common syntax and semantics for specifying and enforcing access control policies makes it possible to express and exchange the conditions under which distributed resources and services can be used in an open environment. Sharing and composing access control policies enables cooperation and federation of distributed services, as required by emerging Web-based computation paradigms. In this paper, we present our recent research work [2], dealing with three key aspects of knowledge representation involved in this new generation of access control languages:Resource representation. Writing access control policies where resources to be protected are pointed at via data identifiers and access conditions are evaluated against their attribute values is not sufficient anymore. Rather, it is important to be able to specify access control requirements about resources in terms of available metadata describing them.Context representation. Distributed environments have increased the amount of context information available at policy evaluation time (e.g., location-based one), and this information is achieving a more and more important role.Subject identity. Evaluating conditions on the subject requesting access to a resource often means accessing personal information either pre-
178
DATA AND APPLICATIONS SECURITY XVIIIsented by the requestor as a part of the authentication process or available elsewhere. Identifying subjects raises a number of privacy issues, since electronic transactions (e.g., purchases) require disclosure of a far greater quantity of information than their physical counterparts. A number of alternatives to strong identities are coming of age, all of them involving advanced metadata. Recent research work by our group [3] is based on the idea that reputations are a resource that can be computed on the basis of the views of a user community about a pseudonym; also, reputations can be stored, maintained, and certified.For metadata to play the fundamental role outlined above, several research problems need to be solved. To begin with, description metadata must be authenticated and aggregated before their content can be used for policy evaluation, and the need to determine metadata trustworthiness becomes important. A number of XML-based standards [18] are available that describe resources (including users) and services as well as circumstances and the environment where the transaction takes place. Promising approaches have started to emerge which ...
