Issue No.06 - Nov.-Dec. (2013 vol.10)
pp: 328-340
Abdullah Alamri, Sch. of Comput. Sci. & Inf. Technol., RMIT Univ., Melbourne, VIC, Australia
Peter Bertok, Sch. of Comput. Sci. & Inf. Technol., RMIT Univ., Melbourne, VIC, Australia
James A. Thom, Sch. of Comput. Sci. & Inf. Technol., RMIT Univ., Melbourne, VIC, Australia
ABSTRACT
Semantic models help in achieving semantic interoperability among sources of data and applications. The necessity to efficiently manage these types of objects has increased the number of specialized repositories, usually referred to as semantic databases. An increasing number of project initiatives have been recorded that choose to formalize application knowledge using ontologies and semantic data representation. Due to the various sensitivities of data, suitable access control mechanisms pertaining to the semantic repository should be put in place to ensure that only authorized users can obtain access to the information in its entirety. In fact, deciding what can be made available to the user without revealing confidential information is made even more difficult because the user may be able to apply logic and reasoning to infer confidential information from the knowledge being provided. In this paper, we design an authorization security model enforced on a semantic model's entities (concepts) and also propagate on their individuals in the OWL database through an inference policy engine. We provide TBox access control for the construction of a TBox family and propagate this based on the construction of concept taxonomies. We also provide ABox label-based access control for facts in the domain knowledge and report experiments to evaluate the effects of access control on reasoning and modularization.
INDEX TERMS
Authorization, Access control, Semantic Web, Data storage, semantic repositories, Authorization and access control, Semantic Web, RDF, OWL
CITATION
Abdullah Alamri, Peter Bertok, James A. Thom, "Authorization Control for a Semantic Data Repository through an Inference Policy Engine", IEEE Transactions on Dependable and Secure Computing, vol. 10, no. 6, pp. 328-340, Nov.-Dec. 2013, doi:10.1109/TDSC.2013.20