Authorizations in relational database management systems
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A translation approach to portable ontology specifications
Knowledge Acquisition - Special issue: Current issues in knowledge modeling
Role-Based Access Control Models
Computer
Argos—a configurable access control system for interoperable environments
Proceedings of the ninth annual IFIP TC11 WG11.3 working conference on Database security IX : status and prospects: status and prospects
Regulating service access and information release on the Web
Proceedings of the 7th ACM conference on Computer and communications security
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
A Content-Based Authorization Model for Digital Libraries
IEEE Transactions on Knowledge and Data Engineering
An Approach for Building Secure Database Federations
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Complex Subjects, or: The Striving for Complexity is Ruling our World
Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
A Logical Framework for Reasoning on Data Access Control Policies
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Can GRID services provide answers to the challenges of national health information sharing?
CASCON '03 Proceedings of the 2003 conference of the Centre for Advanced Studies on Collaborative research
Concept-level access control for the Semantic Web
Proceedings of the 2003 ACM workshop on XML security
Semantic Space: An Infrastructure for Smart Spaces
IEEE Pervasive Computing
Semantic access control for information interoperation
Proceedings of the eleventh ACM symposium on Access control models and technologies
Patient-centric authorization framework for sharing electronic health records
Proceedings of the 14th ACM symposium on Access control models and technologies
A semantic web based framework for social network access control
Proceedings of the 14th ACM symposium on Access control models and technologies
Security Models and Requirements for Healthcare Application Clouds
CLOUD '10 Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing
Editorial: Advanced technologies for homeland defense and security
Journal of Network and Computer Applications
| Hi-index | 0.00 |
In this paper, we investigate how to secure sharing of complex data objects among pervasive information systems. To address the challenges posed by heterogeneous data sources, complex objects and context dynamics, we propose an advanced authorization model that supports specifying and enforcing authorizations in flexible and efficient ways. The model employs ontology and semantic web technologies to conceptualize data and explicitly express the relationships among concepts and instances involved in information sharing. Authorizations can be specified at different levels of the predefined concept hierarchies and be propagated to lower-levels. A novel decision propagation model is proposed to enable fast evaluation and updating of concept-level access decisions. To resolve conflicts among policies, we model a policy set as a semilattice, upon which a binary operation is defined to adapt to various requirements. Moreover, enabled by ontology reasoning tools, a flexible specification approach of authorization, namely rule-based policy generation, is developed to encode context dynamics, making the authorization enforcement adaptive to contexts.