An architecture for specification and enforcement of temporal access control constraints using OWL

Authors:
Hassan Takabi;Minsoo Kim;James B.D. Joshi;Michael B. Spring
Affiliations:
University of Pittsburgh, Pittsburgh, PA, USA;Ajou University, Suwon, South Korea;University of Pittsburgh, Pittsburgh, PA, USA;University of Pittsburgh, Pittsburgh, PA, USA
Venue:
Proceedings of the 2009 ACM workshop on Secure web services
Year:
2009

Citing 10
Cited 0

KAoS Policy and Domain Services: Toward a Description-Logic Approach to Policy Representation, Deconfliction, and Enforcement

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
A Policy Language for a Pervasive Computing Environment

POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Representation and reasoning for DAML-based policy and domain services in KAoS and nomads

AAMAS '03 Proceedings of the second international joint conference on Autonomous agents and multiagent systems
A Generalized Temporal Role-Based Access Control Model

IEEE Transactions on Knowledge and Data Engineering
Using Semantic Web Technologies to Specify Constraints of RBAC

PDCAT '05 Proceedings of the Sixth International Conference on Parallel and Distributed Computing Applications and Technologies
Analyzing web access control policies

Proceedings of the 16th international conference on World Wide Web
ROWLBAC: representing role based access control in OWL

Proceedings of the 13th ACM symposium on Access control models and technologies
Using semantic web technologies for policy management on the web

AAAI'06 proceedings of the 21st national conference on Artificial intelligence - Volume 2
A role and attribute based access control system using semantic web technologies

OTM'07 Proceedings of the 2007 OTM Confederated international conference on On the move to meaningful internet systems - Volume Part II
An OWL-Based approach for RBAC with negative authorization

KSEM'06 Proceedings of the First international conference on Knowledge Science, Engineering and Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Semantic Web is an extension of the World Wide Web that has been growing in recent years. One important issue in the Semantic Web environment is access control. Integrating Role-Based Access Control (RBAC) models, which have been accepted as a powerful approach to security management, with the Semantic Web helps to reduce the complexity of Web security management. The Generalized Temporal RBAC (GTRBAC) model combines the key features of the RBAC model with a temporal framework to address situations where processes and functions may have limited time spans or periodic temporal durations, and it is useful for applications with inherent temporal semantics such as workflow-based systems. There have been several attempts to adopt basic components of the RBAC to the Semantic Web using Web Ontology Language (OWL). In this paper, we show how to model temporal constraints and restrictions in GTRBAC using OWL. In order to do this, we define OWL ontologies that represent temporal constraints in GTRBAC and describe implementation of a scalable architecture for specification and enforcement of GTRBAC policies. The applicability of the represented model is shown using a running example.