Ontology Based Hybrid Access Control for Automatic Interoperation
Semantic interoperation and service sharing have been accepted as efficient means to facilitate collaboration among heterogonous system applications. However, extensibility and complexity are still crucial problems in supporting multi-level automatic collaborations across dynamically changed domains. In this paper, we propose the ontology based hybrid access control model. It introduces the concept of Industry Coalition, which defines the common ontology and servers as the portal of an application domain for public. By mapping local authorizations to the common ontology, an enterprise can efficiently tackle the problems of automatic interoperation across heterogonous systems in the Coalition, as well as of the general requests from dynamically changed exterior collaborators not belonging to the Coalition. Several algorithms are also proposed to generate authorization mappings and maintain security constraints consistent. To illustrate our model, an example of property right exchange is given and experiment results are discussed.
KeywordsAccess Control Model Semantic Interoperation Role Base Access Control Security Constraint Local Authorization
Unable to display preview. Download preview PDF.
- 3.Tekeda, H., Iwata, K., Takaai, M., Sawada, A., Nishida, T.: An ontology-Based Cooperative Environment for Real World Agents. Int. Conf. of Multi-agent Systems, pp. 353–360 (1996)Google Scholar
- 6.Pan, C.C., Mitra, P., Liu, P.: Semantic Access Control for Information Interoperation. In: Proc. of SACMAT 2006, Lake Tahoe, California, USA, pp. 237–246 (2006)Google Scholar
- 7.Ram, S., et al.: Semantic Conflict Resolution Ontology: An Ontology for Detecting and Resolving Data and Schema-level Semantic Conflicts. IEEE TKDE 16, 189–202 (2004)Google Scholar
- 8.Mitra, P., Pan, C.C., Liu, P., Vijayalakshmi, A.: Privacy-preserving semantic interoperation and access control of heterogeneous databases. In: Proc. of ASIACCS, pp. 66–77 (2006)Google Scholar
- 10.Li, Q., Vijayalakshmi, A.: Concept-level access control for the Semantic Web. In: Proc. of the ACM workshop on XML security, Fairfax, Virginia, pp. 94–103 (2003)Google Scholar
- 11.Trastour, D., Preist, C., Coleman, D.: Using Semantic Web technology to Enhance Current Business-to-Business Integration Approaches. In: Proc of EDOC, pp. 222–231 (2003)Google Scholar
- 12.van der Vet, P.E., Mars, N.J.I.: Bottom-Up Construction of Ontologies. IEEE TKDE 10, 513–526 (1998)Google Scholar
- 13.Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Rose-Based Access Control Model. IEEE Computer 29, 38–47 (1996)Google Scholar
- 14.Shafiq, B., Joshi, J.B.D., Bertino, E., Ghafoor, A.: Secure Interoperation in a Multidomain Environment Employing RBAC Policies. IEEE TKDE 17, 1557–1577 (2005)Google Scholar
- 15.Sun, Y.Q., Pan, P.: PRES—A Practical Flexible RBAC Workflow System. In: Proc. of 7th International Conference on Electronic Commerce, pp. 653–658 (2005)Google Scholar