ROWLBAC - Representing Role Based Access Control in OWL
There have been two parallel themes in access control research in
recent years. On the one hand there are efforts to develop new access
control models to meet the policy needs of real world application
domains. In parallel, and almost separately, researchers have
developed policy languages for access control. This paper is
motivated by the consideration that these two parallel efforts need to
develop synergy. A policy language in the abstract without ties to a
model gives the designer little guidance. Conversely, a model may not
have the machinery to express all the policy details of a given system
or may deliberately leave important aspects unspecified. Our vision
for the future is a world where advanced access control concepts are
embodied in models that are supported by policy languages in a natural,
intuitive manner, while allowing for details beyond the models to be
further specified in the policy language.
This paper studies the relationship between the Web Ontology Language
(OWL) and the Role Based Access Control (RBAC) model. Although OWL is
a web ontology language and not specifically designed for expressing
authorization policies, it has been used successfully for this purpose
in previous work. OWL is a leading specification language for the
Semantic Web, making it a natural vehicle for providing access control
in that context. In this paper we show two different ways to support
the NIST Standard RBAC model in OWL and then discuss how the OWL
constructions can be extended to model attribute-based RBAC or, more
generally, attribute-based access control. We further examine and
assess OWL's suitability for two other access control problems:
supporting attribute-based access control and performing security
analysis in a trust-management framework.
Date: June 11, 2008
Book Title: Proceedings of the 13th Symposium on Access control Models and Technologies
Type: InProceedings
Publisher: ACM Press
Bibtex
@InProceedings{ROWLBAC_Representing_Role_Based_Access_C,
author = "Tim Finin and Anupam Joshi and Lalana Kagal and Jianwei Niu and Ravi Sandhu and William H Winsborough and Xiaohu Li",
title = "{ROWLBAC - Representing Role Based Access Control in OWL}",
month = "June",
year = "2008",
booktitle = "Proceedings of the 13th Symposium on Access control Models and Technologies",
publisher = "ACM Press",
}