[1] Sun Xiaolin, Lu Zhengding, Li Ruixuan, Wang Zhigang, et al. Novel scheme to specify and integrate RBAC policybased on ontology [J]. Journal of Southeast University (English Edition), 2007, 23 (3): 394-398. [doi:10.3969/j.issn.1003-7985.2007.03.018]
Copy
Novel scheme to specify and integrate RBAC policybased on ontology(
)
)Journal of Southeast University (English Edition)[ISSN:1003-7985/CN:32-1325/N]
- Volumn:
- 23
- Issue:
- 2007 3
- Page:
- 394-398
- Research Field:
- Computer Science and Engineering
- Publishing date:
- 2007-09-30
Info
- Title:
- Novel scheme to specify and integrate RBAC policybased on ontology
- Author(s):
- Sun Xiaolin; Lu Zhengding; Li Ruixuan; Wang Zhigang; Wen Kunmei
- College of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, China
- Keywords:
- ontology; policy; role-based access control
- PACS:
- TP301
- DOI:
- 10.3969/j.issn.1003-7985.2007.03.018
- Abstract:
- To describe and integrate various policies applied in different domains, the definition of the family of OntoRBAC based on the ontology of a general role-based access control(RBAC)policy is proposed, which can support and extend the RBAC96 model.The uniform ontology-based description mechanism of secure policies is applied in OntoRBAC, which can be used to describe different secure policies in distributed systems and integrate policies in semantic level with upper concepts.In addition, some rules have been defined to reason within the OntoRBAC to extend the inference algorithms in ontology, which makes the system accommodate itself to RBAC policies better.
References:
[1] Sandhu Ravi S, Coynek Edward J, Feinsteink Hal L, et al.Role-based access control models [J].IEEE Computer, 1996, 29(2):38-47.
[2] Jajodia S, Samarati P, Sapino M, et al.Flexible support for multiple access control policies [J].ACM Transactions on Database Systems, 2001, 26(2):214-260.
[3] Baader F, Calvanese D, McGuinness D, et al.The description logic handbook:theory, implementation and applications [M].London:Cambridge University Press, 2003:47-100.
[4] Jajodia S, Samarati P, Subrahmanian V S.A Logical Language for Expressing Authorizations[C]//Proceedings of the IEEE Symposium on Security and Privacy.Washington, DC:IEEE Computer Society Press, 1997:31-42.
[5] Moses T.eXtensible access control markup language(XACML)[EB/OL].(2003-02-18)[2007-04-20].http://www.oasis-open.org/committees/download.php/2406/oasis-xacml-1.0.pdf.
[6] Joshi J B D.Access-control language for multidomain environments[J].IEEE Internet Computing, 2004, 8(6):40-50.
[7] Uszok A, Bradshaw J, Jeffers R, et al.KAoS policy and domain services:toward a description-logic approach to policy representation, deconfliction, and enforcement[C]//Proc of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks.Washington, DC:IEEE Computer Society, 2003:93-96.
[8] Kagal L, Finin T, Joshi A.A policy language for pervasive systems[C]//Proc of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks.Washington, DC:IEEE Computer Society, 2003:63-71.
[9] Mike D.OWL web ontology language reference.W3C Recommendation 10 February 2004[EB/OL].(2004-02-10)[2007-04-20].http://www.w3.org/TR/owl-ref/.
[10] Wang Zhigang, Wang Xiaogang, Lu Zhengding, et al.OntoRBAC:specify and integrate RBAC policies with ontologies[J].Computer Science, 2007, 34(2):82-85.(in Chinese)
Memo
- Memo:
- Biographies: Sun Xiaolin(1980—), male, graduate;Lu Zhengding(corresponding author), male, professor, zdlu@hust.edu.cn.