Role Based Access Control and OWL

Current access control research follows two parallel themes: many efforts focus on developing novel access control models meeting the policy needs of real world application domains while others are exploring new policy languages. This paper is motivated by the desire to develop a synergy between these themes facilitated by OWL. Our vision for the future is a world where advanced access control concepts are embodied in models that are supported by policy languages in a natural intuitive manner, while allowing for details beyond the models to be further specified in the policy language. In this paper we specifically study the relationship between the Web Ontology Language (OWL) and the Role Based Access Control (RBAC) model. Although OWL is a web ontology language and not specifically designed for expressing authorization policies, it has been used successfully for this purpose in previous work such as KAoS and Rei. We show two different ways to support the NIST Standard RBAC model in OWL and then discuss how the OWL constructions can be extended to model attribute-based RBAC or more generally attribute-based access control.
Date: April 01, 2008
Book Title: Proceedings of the fourth OWL: Experiences and Directions Workshop
Type: InProceedings
Downloads: 915

Has 1 soft copy


size 156564 bytes

Bibtex


@InProceedings{Role_Based_Access_Control_and_OWL,
  author = "Tim Finin and Anupam Joshi and Lalana Kagal and Jianwei Niu and Ravi Sandhu and William H Winsborough and Xiaohu Li",
  title = "{Role Based Access Control and OWL}",
  month = "April",
  year = "2008",
  booktitle = "Proceedings of the fourth OWL: Experiences and Directions Workshop",
}