BibTex RIS Cite

Personalizable Ontology Based Access Control

Year 2010, Volume: 23 Issue: 4, 465 - 474, 19.03.2010

Abstract

The main idea of Semantic Web is creating web pages which are also understood by machines and using ontologies to unify data. Improving a secure Semantic Web is one of the main works in Semantic Web research area. For this purpose, policies are used. Policy is a set of rules and provides an access control mechanism for a resource without making any change in that resource. Policy management in Semantic Web is used to define rules for accessing a resource and to provide users to interpret and comply with these rules. One of the key features to develop successful personalized Semantic Web applications is to build user profiles. In this paper, we developed an Ontology-Based Access Control (OBAC) model. This model represents domain and profile information semantically and has a profile based policy approach in order to achieve a personalized policy management for Semantic Web. We store personal information in profiles and model this information semantically to make it part of access control model. Thus, we created two kinds of policies: domain and profile based policies. We implemented an Ontology-Based Access Control application which creates, modifies, and deletes policy ontologies. Policy conflicts are also resolved to provide fine-grained policies in OBAC model. The main contributions of this work are: defining semantically rich resource and entity policies for an OntologyBased Access Control mechanism and making use of these policies in terms of the personalization scope.

 

 Key Words: Semantic Web, Ontology, Policy, Profile, Personalization, Conflict Resolution.

References

  • Finin, T. et al., “ROWLBAC - Representing Role Based Access Control in OWL”, Proceedings of the 13th Symposium on Access Control Models and Technologies, Colorado, USA (2008).
  • Tonti, G., Bradshaw, J. M., Jeffers, R., Monranari, R., Suri, N., Uszok, A., “Semantic Web Languages for Policy Representation and Reasoning: A Comparison of KaoS, Rei, and Ponder”, 2nd International Semantic Web Conference (ISWC 2003), 419-437 (2003).
  • Kagal, L., Finin, T., Joshi, A., “A Policy Language for a Pervasive Computing Environment”, POLICY '03: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks, 63 (2003).
  • Uszok, A., Bradshaw, J. M., Jeffers, R., “KAoS: A Policy and Domain Services Framework for Grid Computing and Semantic Web Services”, Second International Conference on Trust Management, Springer-Verlag (2004).
  • Kagal, L., Finin, T., Joshi, A., “A Policy Based Approach to Security for the Semantic Web”, 2nd International Semantic Web Conference (ISWC 2003), Sanibal Island, Florida, USA 402-418 (2003).
  • Cuppens, F., Miège, A., “Modelling Contexts in the Or-BAC Model”, 19th Annual Computer Security Applications Conference (2003).
  • Yuan, E., Tong, J., “Attributed Based Access Control (ABAC) for Web Services”, In ICWS’05: IEEE International Conference on Web Services 569 (2005).
  • Jrad, Z., Aufaure, M.A., “Personalized Interfaces for a Semantic Web Portal”, Tourism Information Search, In KES 2007/WIRN 2007, Part III, LNAI 4694, 695-702 (2007).
  • Thuraisingham, B., “Building Trustworthy Semantic Webs”, Auerbach Publications, ISBN:0849350808 (2007).
  • Studer, R., Benjamins, V. R., Fensel, D., “Knowledge Engineering: Principles and Methods”, Data Knowl. Eng., 25(1-2): 161-197 (1998).
  • Rich, E., “Users are individuals: individualizing user models”, International Journal of Man-Machine Studies, 18: 99-214 (1983).
  • Antoniou, G. and van Harmelen, F., “A Semantic Web Primer”, The MIT Press, ISBN 0-262-01210-3 (2004).
  • Gauch, S., Speretta, M., Chandramouli, A., Micarelli,
  • A., “User Profiles for Personalized Information
  • Access”, The Adaptive Web 2007, 54-89 (2007).
  • Dzbor, M., Motta, E., “Engineering and Customizing Ontologies”, In Ontology Management, Semantic Web, Semantic Web Services, and Business Applications, 25-57 (2008).
  • Kagal, L., “Rei: A Policy Language for the Me- Centric Project”, TechReport, HP Labs, September (2002).
  • Lupu, E. C. and Sloman, M., “Conflicts in policy- based distributed systems management”, IEEE Transactions on Software Engineering, November/December 25(6):852–869 (1999).
Year 2010, Volume: 23 Issue: 4, 465 - 474, 19.03.2010

Abstract

References

  • Finin, T. et al., “ROWLBAC - Representing Role Based Access Control in OWL”, Proceedings of the 13th Symposium on Access Control Models and Technologies, Colorado, USA (2008).
  • Tonti, G., Bradshaw, J. M., Jeffers, R., Monranari, R., Suri, N., Uszok, A., “Semantic Web Languages for Policy Representation and Reasoning: A Comparison of KaoS, Rei, and Ponder”, 2nd International Semantic Web Conference (ISWC 2003), 419-437 (2003).
  • Kagal, L., Finin, T., Joshi, A., “A Policy Language for a Pervasive Computing Environment”, POLICY '03: Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks, 63 (2003).
  • Uszok, A., Bradshaw, J. M., Jeffers, R., “KAoS: A Policy and Domain Services Framework for Grid Computing and Semantic Web Services”, Second International Conference on Trust Management, Springer-Verlag (2004).
  • Kagal, L., Finin, T., Joshi, A., “A Policy Based Approach to Security for the Semantic Web”, 2nd International Semantic Web Conference (ISWC 2003), Sanibal Island, Florida, USA 402-418 (2003).
  • Cuppens, F., Miège, A., “Modelling Contexts in the Or-BAC Model”, 19th Annual Computer Security Applications Conference (2003).
  • Yuan, E., Tong, J., “Attributed Based Access Control (ABAC) for Web Services”, In ICWS’05: IEEE International Conference on Web Services 569 (2005).
  • Jrad, Z., Aufaure, M.A., “Personalized Interfaces for a Semantic Web Portal”, Tourism Information Search, In KES 2007/WIRN 2007, Part III, LNAI 4694, 695-702 (2007).
  • Thuraisingham, B., “Building Trustworthy Semantic Webs”, Auerbach Publications, ISBN:0849350808 (2007).
  • Studer, R., Benjamins, V. R., Fensel, D., “Knowledge Engineering: Principles and Methods”, Data Knowl. Eng., 25(1-2): 161-197 (1998).
  • Rich, E., “Users are individuals: individualizing user models”, International Journal of Man-Machine Studies, 18: 99-214 (1983).
  • Antoniou, G. and van Harmelen, F., “A Semantic Web Primer”, The MIT Press, ISBN 0-262-01210-3 (2004).
  • Gauch, S., Speretta, M., Chandramouli, A., Micarelli,
  • A., “User Profiles for Personalized Information
  • Access”, The Adaptive Web 2007, 54-89 (2007).
  • Dzbor, M., Motta, E., “Engineering and Customizing Ontologies”, In Ontology Management, Semantic Web, Semantic Web Services, and Business Applications, 25-57 (2008).
  • Kagal, L., “Rei: A Policy Language for the Me- Centric Project”, TechReport, HP Labs, September (2002).
  • Lupu, E. C. and Sloman, M., “Conflicts in policy- based distributed systems management”, IEEE Transactions on Software Engineering, November/December 25(6):852–869 (1999).
There are 18 citations in total.

Details

Primary Language English
Journal Section Computer Engineering
Authors

Özgü Can

Okan Bursa This is me

Murat Ünalır

Publication Date March 19, 2010
Published in Issue Year 2010 Volume: 23 Issue: 4

Cite

APA Can, Ö., Bursa, O., & Ünalır, M. (2010). Personalizable Ontology Based Access Control. Gazi University Journal of Science, 23(4), 465-474.
AMA Can Ö, Bursa O, Ünalır M. Personalizable Ontology Based Access Control. Gazi University Journal of Science. September 2010;23(4):465-474.
Chicago Can, Özgü, Okan Bursa, and Murat Ünalır. “Personalizable Ontology Based Access Control”. Gazi University Journal of Science 23, no. 4 (September 2010): 465-74.
EndNote Can Ö, Bursa O, Ünalır M (September 1, 2010) Personalizable Ontology Based Access Control. Gazi University Journal of Science 23 4 465–474.
IEEE Ö. Can, O. Bursa, and M. Ünalır, “Personalizable Ontology Based Access Control”, Gazi University Journal of Science, vol. 23, no. 4, pp. 465–474, 2010.
ISNAD Can, Özgü et al. “Personalizable Ontology Based Access Control”. Gazi University Journal of Science 23/4 (September 2010), 465-474.
JAMA Can Ö, Bursa O, Ünalır M. Personalizable Ontology Based Access Control. Gazi University Journal of Science. 2010;23:465–474.
MLA Can, Özgü et al. “Personalizable Ontology Based Access Control”. Gazi University Journal of Science, vol. 23, no. 4, 2010, pp. 465-74.
Vancouver Can Ö, Bursa O, Ünalır M. Personalizable Ontology Based Access Control. Gazi University Journal of Science. 2010;23(4):465-74.