Authors:
Mouiad Al-Wahah
;
Ahmed Saaudi
and
Csilla Farkas
Affiliation:
College of Engineering and Computing, University of South Carolina, 301 Main St, Columbia, SC and U.S.A.
Keyword(s):
Description Logic, Access Control, OWL, Authorization, Obligation, Policy Rules.
Related
Ontology
Subjects/Areas/Topics:
Access Control
;
Data and Application Security and Privacy
;
Data Engineering
;
Data Protection
;
Database Security and Privacy
;
Databases and Data Security
;
Information and Systems Security
;
Internet Technology
;
Security and Privacy Policies
;
Security in Information Systems
;
Trust Management and Reputation Systems
;
Web Information Systems and Technologies
Abstract:
In this paper, we present a dynamic and extensible semantic-based obligation framework. Our framework is meant to be used in conjunction with context-based authorization. Our approach is suitable to incorporate dynamically changing obligation requirements. We express obligation requirements and contextual information as ontologies. We employ Description logic and Logic Programming technologies for modeling contexts, privileges and obligations. We show how semantic-based techniques can be used to support adaptive and dynamic obligation for Context-Based Access Control (CBAC) policies. We also show that our framework is expressive enough to incorporate obligation’s needs in dynamic environments. Furthermore, we have developed a proof of concept implementation to demonstrate our work.