Towards an authorisation model for distributed systems based on the Semantic Web

IET Information Security

Authorisation is a crucial process in current information systems. Many current authorisation systems do not provide methods to describe the semantics of the underlying information model they protect. This can lead to mismatches between the semantics of the authorisation model and the semantics of the underlying data and resources being protected. To solve this problem, this paper describes an authorisation model based on Semantic Web technologies. The model uses the common information model (CIM) to represent the underlying information model. For this reason, a new process for converting CIM into the Semantic Web languages is proposed that properly converts the semantics available in the CIM model. This representation provides a suitable information model based on a well-known logic formalism for implementing the authorisation model, and a formal language for concisely describing the semantics of the information models being protected. The formal authorisation model supports role-based access control (RBAC), hierarchical RBAC, conditional RBAC and object hierarchies, among other features. Moreover, this paper describes an authorisation architecture for distributed systems that takes into account aspects such as privacy among parties and trust management. Finally, some implementation aspects of this system are also described.

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2009.0260