Logical foundations of artificial intelligence
Logical foundations of artificial intelligence
Toward principles for the design of ontologies used for knowledge sharing
International Journal of Human-Computer Studies - Special issue: the role of formal ontology in the information technology
Role-Based Access Control Models
Computer
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Practical Reasoning for Expressive Description Logics
LPAR '99 Proceedings of the 6th International Conference on Logic Programming and Automated Reasoning
A Policy Language for a Pervasive Computing Environment
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Representation and reasoning for DAML-based policy and domain services in KAoS and nomads
AAMAS '03 Proceedings of the second international joint conference on Autonomous agents and multiagent systems
A logic-based framework for attribute based access control
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
Using Semantic Web Technologies to Specify Constraints of RBAC
PDCAT '05 Proceedings of the Sixth International Conference on Parallel and Distributed Computing Applications and Technologies
Using semantic rules to determine access control for web services
Proceedings of the 15th international conference on World Wide Web
The Description Logic Handbook
The Description Logic Handbook
Using OWL to model biological knowledge
International Journal of Human-Computer Studies
Proteus: A Semantic Context-Aware Adaptive Policy Model
POLICY '07 Proceedings of the Eighth IEEE International Workshop on Policies for Distributed Systems and Networks
ROWLBAC: representing role based access control in OWL
Proceedings of the 13th ACM symposium on Access control models and technologies
Enabling policy-based access control in BI applications
Data & Knowledge Engineering
Engineering a Policy-Based System for Federated Healthcare Databases
IEEE Transactions on Knowledge and Data Engineering
Using Dependency Tracking to Provide Explanations for Policy Management
POLICY '08 Proceedings of the 2008 IEEE Workshop on Policies for Distributed Systems and Networks
Situation-Based Access Control: Privacy management via modeling of patient data access scenarios
Journal of Biomedical Informatics
Semantic Matchmaking of Web Resources with Local Closed-World Reasoning
International Journal of Electronic Commerce
Enforcing access control in Web-based social networks
ACM Transactions on Information and System Security (TISSEC)
On the decidability and complexity of integrating ontologies and rules
Web Semantics: Science, Services and Agents on the World Wide Web
Ontology-Based Context Representation and Reasoning Using OWL and SWRL
CNSR '10 Proceedings of the 2010 8th Annual Communication Networks and Services Research Conference
Preserving Privacy Based on Semantic Policy Tools
IEEE Security and Privacy
IEEE Transactions on Knowledge and Data Engineering
Unified Modeling Language Reference Manual
Unified Modeling Language Reference Manual
Editorial: Using ontologies with UML class-based modeling: The TwoUse approach
Data & Knowledge Engineering
Specification of access control and certification policies for semantic web services
EC-Web'05 Proceedings of the 6th international conference on E-Commerce and Web Technologies
A contextual role-based access control authorization model for electronic patient record
IEEE Transactions on Information Technology in Biomedicine
Formal enforcement and management of obligation policies
Data & Knowledge Engineering
OCL-Lite: Finite reasoning on UML/OCL conceptual schemas
Data & Knowledge Engineering
Compliance checking of integrated business processes
Data & Knowledge Engineering
| Hi-index | 0.00 |
Access control is a central problem in confidentiality management, in particular in the healthcare domain, where many stakeholders require access to patients' health records. Situation-Based Access Control (SitBAC) is a conceptual model that allows for modeling healthcare scenarios of data-access requests; thus it can be used to formulate data-access policies, where health organizations can specify their regulations involving access to patients' data according to the context of the request. The model's central concept is the Situation, a formal representation of a patient's data-access scenario. In this paper, we present the SitBAC knowledge framework, a formal healthcare-oriented, context-based access-control framework that makes it possible to represent and implement SitBAC as a knowledge model along with an associated inference method, using OWL and SWRL. Within the SitBAC knowledge framework, scenarios of data access are represented as formal Web Ontology language (OWL)-based Situation classes, formulating data-access rule classes. A set of data-access rule classes makes up the organization's data-access policy. An incoming data-access request, represented as an individual of an OWL-based Situation class, is evaluated by the inference method against the data-access policy to produce an 'approved/denied' response. The method uses a Description Logics (DL)-reasoner and a Semantic Web Rule Language (SWRL) engine during the inference process. The DL reasoner is used for knowledge classification and for real-time realization of the incoming data-access request as a member of an existing Situation class to infer the appropriate response. The SWRL engine is used to infer new knowledge regarding the incoming data-access requests, which are required for the realization process. We evaluated the ability of the SitBAC knowledge framework to provide correct responses by representing and reasoning with real-life healthcare scenarios.