Abstract
Today, many organizations generate large amount of data and have many users that need only partial access to resources at any time to collaborate in making critical decisions. Thus, there is a need for a scalable access control model that simplifies the management of security policies and handles the heterogeneity inherent in the information system. This paper proposes an ontology-based distributed solution to this problem, with the benefits of being scalable and producing acceptable response times.
Chapter PDF
Similar content being viewed by others
Keywords
- Access Control
- Resource Description Framework
- Description Logic
- Access Control Policy
- Access Control Model
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Baader, F., McGuinness, D.L., Nardi, D., Patel-Schneider, P.F.: The Description Logic Handbook: Theory, Implementation and Applications. Cambridge University Press, Cambridge (2007)
Bertino, E., Bottati, P.A., Ferrari, E.: TRBAC: A Temporal Role-Based Access Control Model. ACM Transactions on Information and System Security 3(3), 191–223 (2001)
Carroll, J.J., Dickinson, I., Dollin, C., Reynolds, D., Seaborne, A., Wilkinson, K.: Jena: Implementing the Semantic Web Recommendations: HP Laboratories Bristol HPL-2003-146 (2003)
Cirio, L., Cruz, I.F., Tamassia, R.: A Role and Attribute Based Access Control System Using Semantic Web Technologies: On the Move to Meaningful Internet Systems 2007. In: OTM 2007 Workshops (2007)
Ferraiolo, D.F., Sandhu, R., Gavrila, S.: Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and System Security, 224–274 (August 2001)
Finin, T.W., Joshi, A., Kagal, L., Niu, J., Sandhu, R.S., Winsborough, W.H., Thuraisingham, B.M.: ROWLBAC-Representing Role Based Access Control in OWL. In: Proceedings of the 13th ACM symposium on Access control models and technologies, pp. 73–82 (2008)
Ferraiolo, D.F., Kuhn, D.R., Chandramouli, R.: Role-Based Access Control. Artech House, Inc. (2003)
Glimm, B., Horrocks, I., Lutz, C., Sattler, U.: Conjunctive Query Answering for the Description Logic SHIQ. Journal of Artificial Intelligence Research 31, 157–204 (2008)
Guo, Y., Heflin, J.: A Scalable Approach for Partitioning OWL Knowledge Bases. In: International Workshop on Scalable Semantic Web Knowledge Bases (2006)
Hatcher, E., Gospodnetic, O., McCandless, M.: Lucene in Action, 2nd edn. Manning (2004)
HIPAA: U.S. Department of Health and Human Services, http://www.hhs.gov/ocr/privacy/
Horrocks, I., Patel-Schneider, P.F., Boley, H., Tabet, S., Grosof, B., Dean, M.: SWRL: A Semantic Web Rule Language Combining OWL and RuleML: W3C Member Submission May 21 (2004), Latest version is available at http://www.w3.org/Submission/SWRL/
Joshi, J.B.D., Bertino, E., Ghafoor, A.: A Generalized Temporal Role-Based Access Control Model. IEEE Transactions on Knowledge and Data Engineering 17 (January 2005)
Kataria, P., Juric, R., Paurobally, S., Madani, K.: Implementation of Ontology for Intelligent Hospital Wards. In: Proceedings of the 41st Annual Hawaii International Conference on System Sciences, HICSS 2008 (2008)
Kolovski, V., Hendler, J., Parsia, B.: Analyzing web access control policies. In: Proceedings of the 16th international conference on World Wide Web, Banff, Alberta, Canada, May 08–12 (2007)
Levandoski, J.J., Mokbel, M.F.: RDF Data-Centric Storage. In: ICWS (2009)
Liu, A.X., Chen, F., Hwang, J., Xie, T.: Xengine: a fast and scalable XACML policy evaluation engine. In: ACM Sigmetrics Performance Evaluation Review, SIGMETRICS 2008 (2008)
McGuinness, D.L., Harmelen, F.: OWL Web Ontology Language Overview. World Wide Web Consortium W3C Recommendation February 10 (2004), http://www.w3.org/TR/owl-features/
Motik, B., Sattler, U., Studer, R.: Query Answering for OWL-DL with Rules. Web Semantics: Science, Services and Agents on the World Wide Web 3(1), 41–60 (2005)
Owens, A., Seaborne, A., Gibbins, N.: Clustered TDB: A Clustered Triple Store for Jena. In: WWW 2009 (2009)
Perez, J., Arenas, M., Gutierrez, C.: Semantics and complexity of SPARQL. ACM Transactions on Database Systems, TODS (2009)
Resource Description Framework (RDF): Concepts and Abstract Syntax. W3C Recommendation (2004), http://www.w3.org/RDF/
Sirin, E., Parsia, E.: Optimizations for Answering Conjunctive ABox Queries: First Results. In: Proceedings of the 2006 International Workshop on Description Logics (2006)
Sirin, E., Parsia, B., Grau, B.C., Kalyanpur, A., Katz, Y.: Pellet: A Practical OWL-DL Reasoner. Journal of Web Semantics (2007)
SPARQL Query Language for RDF, W3C Recommendation January 15 (2008), http://www.w3.org/TR/rdf-sparql-query/
Winter, A., Brigl, B., Wendt, T.: A UML-based Ontology for Describing Hospital Information System Architectures. Studies in health technology and informatics 2001, pp. 778–782 (2005)
Zhao, C., Heilili, N., Liu, S., Lin, Z.: Representation and Reasoning on RBAC: A Description Logic Approach. In: Van Hung, D., Wirsing, M. (eds.) ICTAC 2005. LNCS, vol. 3722, pp. 381–393. Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cadenhead, T., Kantarcioglu, M., Thuraisingham, B. (2010). Scalable and Efficient Reasoning for Enforcing Role-Based Access Control. In: Foresti, S., Jajodia, S. (eds) Data and Applications Security and Privacy XXIV. DBSec 2010. Lecture Notes in Computer Science, vol 6166. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13739-6_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-13739-6_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13738-9
Online ISBN: 978-3-642-13739-6
eBook Packages: Computer ScienceComputer Science (R0)