TY - GEN
T1 - Concept-level access control for the Semantic Web
AU - Qin, Li
AU - Atluri, Vijayalakshmi
PY - 2003
Y1 - 2003
N2 - Recently, the notion of the Semantic Web has been introduced to define a machine-interpretable web targeted for automation, integration and reuse of data across different applications. Under the Semantic Web, web pages are annotated by concepts that are formally defined in ontologies along with the relationships among them. As information pertaining to different concepts has varying access control requirements, in this paper, we propose an access control model for the semantic web that is capable of specifying authorizations over concepts defined in ontologies and enforcing them upon data instances annotated by the concepts. It is important to note that semantic relationships among concepts play a key role in making access control decisions. This is because, based on the relationship, one may infer information contained in one concept node from that of the other. Therefore, we first identify the important domain-independent relationships among concepts, categorize them and propose propagation policies based on these categories of relationships. In particular, we allow propagation of authorizations based on the semantic relationships among concepts to prevent illegal inferences. We then show how concept-level security polices can be represented in an OWL-based access control language. Finally, we demonstrate how users' requests can be handled under our access control model. Our concept-level model is especially suitable for the specification and administration of access control over semantically related web data under the Semantic Web even if they conform to different DTDs or use different tag names.
AB - Recently, the notion of the Semantic Web has been introduced to define a machine-interpretable web targeted for automation, integration and reuse of data across different applications. Under the Semantic Web, web pages are annotated by concepts that are formally defined in ontologies along with the relationships among them. As information pertaining to different concepts has varying access control requirements, in this paper, we propose an access control model for the semantic web that is capable of specifying authorizations over concepts defined in ontologies and enforcing them upon data instances annotated by the concepts. It is important to note that semantic relationships among concepts play a key role in making access control decisions. This is because, based on the relationship, one may infer information contained in one concept node from that of the other. Therefore, we first identify the important domain-independent relationships among concepts, categorize them and propose propagation policies based on these categories of relationships. In particular, we allow propagation of authorizations based on the semantic relationships among concepts to prevent illegal inferences. We then show how concept-level security polices can be represented in an OWL-based access control language. Finally, we demonstrate how users' requests can be handled under our access control model. Our concept-level model is especially suitable for the specification and administration of access control over semantically related web data under the Semantic Web even if they conform to different DTDs or use different tag names.
KW - Access control
KW - Concept
KW - Ontology
KW - Propagation
KW - Semantic Web
UR - http://www.scopus.com/inward/record.url?scp=3543150771&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=3543150771&partnerID=8YFLogxK
U2 - https://doi.org/10.1145/968559.968575
DO - https://doi.org/10.1145/968559.968575
M3 - Conference contribution
SN - 158113777X
SN - 9781581137774
T3 - Proceedings of the ACM Workshop on XML Security 2003 (In Association with 10th ACM Conference on Computer and Communications Security)
SP - 94
EP - 103
BT - Proceedings of the ACM Workshop on XML Security 2003 (In Association with 10th ACM Conference on Computer and Communications Security)
PB - Association for Computing Machinery
T2 - Proceedings of the ACM Workshop on XML Security 2003 (In Association with 10th ACM Conference on Computer and Communications Security)
Y2 - 31 October 2003 through 31 October 2003
ER -