Role-Based Access Control Models
Computer
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
The Ponder Policy Specification Language
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
A Model for Attribute-Based User-Role Assignment
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
A Policy Language for a Pervasive Computing Environment
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Design of a Role-Based Trust-Management Framework
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A Practically Implementable and Tractable Delegation Logic
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
The description logic handbook: theory, implementation, and applications
The description logic handbook: theory, implementation, and applications
A logic-based framework for attribute based access control
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Beyond proof-of-compliance: security analysis in trust management
Journal of the ACM (JACM)
Using Semantic Web Technologies to Specify Constraints of RBAC
PDCAT '05 Proceedings of the Sixth International Conference on Parallel and Distributed Computing Applications and Technologies
Achieving Privacy in Trust Negotiations with an Ontology-Based Approach
IEEE Transactions on Dependable and Secure Computing
Communications of the ACM - Privacy and security in highly dynamic systems
Information and Computation
N3logic: A logical framework for the world wide web
Theory and Practice of Logic Programming
Apply Model Checking to Security Analysis in Trust Management
ICDEW '07 Proceedings of the 2007 IEEE 23rd International Conference on Data Engineering Workshop
Supporting Collaborative Ontology Development in Protégé
ISWC '08 Proceedings of the 7th International Conference on The Semantic Web
Towards movement-aware access control
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
Consistency checking of role assignments in inter-organizational collaboration
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
A discussion on security typing and measurement for SOA
ACM SIGSOFT Software Engineering Notes
Supporting RBAC with XACML+OWL
Proceedings of the 14th ACM symposium on Access control models and technologies
A semantic web based framework for social network access control
Proceedings of the 14th ACM symposium on Access control models and technologies
An architecture for specification and enforcement of temporal access control constraints using OWL
Proceedings of the 2009 ACM workshop on Secure web services
XML secure views using semantic access control
Proceedings of the 2010 EDBT/ICDT Workshops
Scalable and efficient reasoning for enforcing role-based access control
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
SecurOntology: A semantic web access control framework
Computer Standards & Interfaces
EL with default attributes and overriding
ISWC'10 Proceedings of the 9th international semantic web conference on The semantic web - Volume Part I
Supporting role based provisioning with rules using OWL and F-logic
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Enabling access to web resources through SecPODE-based annotations
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems
A controlled natural language interface for authoring access control policies
Proceedings of the 2011 ACM Symposium on Applied Computing
Editorial: Using OWL and SWRL to represent and reason with situation-based access control policies
Data & Knowledge Engineering
Composing transformations for instrumentation and optimization
PEPM '12 Proceedings of the ACM SIGPLAN 2012 workshop on Partial evaluation and program manipulation
RBAC-based access control for privacy preserving in semantic web
Proceedings of the 4th International Conference on Uniquitous Information Management and Communication
A dynamic access control model
Applied Intelligence
Datalog for security, privacy and trust
Datalog'10 Proceedings of the First international conference on Datalog Reloaded
Ubiquitous access control for SPARQL endpoints: lessons learned and future challenges
Proceedings of the 21st international conference companion on World Wide Web
Defeasible inclusions in low-complexity DLs
Journal of Artificial Intelligence Research
Decentralized semantic threat graphs
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
SCIMS: a social context information management system for socially-aware applications
CAiSE'12 Proceedings of the 24th international conference on Advanced Information Systems Engineering
Role-Based access control for model-driven web applications
ICWE'12 Proceedings of the 12th international conference on Web Engineering
CA-ABAC: Class Algebra Attribute-Based Access Control
WI-IAT '12 Proceedings of the The 2012 IEEE/WIC/ACM International Joint Conferences on Web Intelligence and Intelligent Agent Technology - Volume 03
An ontology-based approach to automated trust negotiation
Computer Standards & Interfaces
Ontology-based access control model for security policy reasoning in cloud computing
The Journal of Supercomputing
Hi-index | 0.00 |
There have been two parallel themes in access control research in recent years. On the one hand there are efforts to develop new access control models to meet the policy needs of real world application domains. In parallel, and almost separately, researchers have developed policy languages for access control. This paper is motivated by the consideration that these two parallel efforts need to develop synergy. A policy language in the abstract without ties to a model gives the designer little guidance. Conversely a model may not have the machinery to express all the policy details of a given system or may deliberately leave important aspects unspecified. Our vision for the future is a world where advanced access control concepts are embodied in models that are supported by policy languages in a natural intuitive manner, while allowing for details beyond the models to be further specified in the policy language. This paper studies the relationship between the Web Ontology Language (OWL) and the Role Based Access Control (RBAC) model. Although OWL is a web ontology language and not specifically designed for expressing authorization policies, it has been used successfully for this purpose in previous work. OWL is a leading specification language for the Semantic Web, making it a natural vehicle for providing access control in that context. In this paper we show two different ways to support the NIST Standard RBAC model in OWL and then discuss how the OWL constructions can be extended to model attribute-based RBAC or more generally attribute-based access control. We further examine and assess OWL's suitability for two other access control problems: supporting attribute based access control and performing security analysis in a trust-management framework.