RelBAC: Relation Based Access Control

Authors: Fausto Giunchiglia, Rui Zhang, Bruno Crispo

DOI: 10.1109/SKG.2008.76

Abstract: The Web 2.0, GRID applications and, more recently, semantic desktop are bringing the to a situation where and data metadata shared made available large user groups. In this context, may be tags or complex graph structures such as file system web directories, (lightweight) ontologies. turn, users can themselves tagged by certain properties, organized in directory structures, very much same way data. Things further complicated highly unpredictable autonomous dynamics of data, users, permissions access control rules. paper we propose new model logic, called RelBAC (for Relation Based Access Control) which allows us deal with novel scenario. key idea, differentiates from state art, e.g., Role Control (RBAC), is that modeled relations between while rules their instantiations on specific sets objects. As such, assigned an arity fine tuning evolve independently, according desires policy manager(s). Furthermore, formalization Entity-Relationship (ER) for its direct translation into Description Logics (DL). reason, possibly at run time, about policies.
