Social Semantic Network-Based Access Control

  • Serena VillataEmail author
  • Luca Costabello
  • Fabien Gandon
  • Catherine Faron-Zucker
  • Michel Buffa
Part of the Lecture Notes in Social Networks book series (LNSN)


Social networks are the bases of the so-called Web 2.0, raising many new challenges to the research community. In particular, the ability of these networks to allow the users to share their own personal information with other people opens new issues concerning privacy and access control. Nowadays the Web has further evolved into the Social Semantic Web where social networks are integrated and enhanced by the use of semantic conceptual models, e.g., the ontologies, where the social information and links among the users become semantic information and links. In this chapter, we discuss which are the benefits of introducing semantics in social network-based access control. In particular, we analyze and detail two approaches to manage the access rights of the social network users relying on Semantic Web languages only, and we highlight, thanks to these two proposals, what are pros and cons of introducing semantics in social networks access control. Finally, we report on the other existing approaches coupling semantics and access control in the context of social networks.


Access Control Access Condition Access Control Policy Access Policy Access Control Model 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Abel, F., De Coi, J.L., Henze, N., Koesling, A.W., Krause, D., Olmedilla, D.: Enabling advanced and context-dependent access control in RDF stores. In: 6th International Semantic Web Conference (ISWC). Lecture Notes in Computer Science, vol. 4825, pp. 1–14. Springer, Berlin (2007)Google Scholar
  2. 2.
    Alam, A., Subbiah, G., Thuraisingham, B.M., Khan, L.: Reasoning with semantics-aware access control policies for geospatial web services. In: 3rd ACM Workshop on Secure Web Services (SWS), pp. 69–76. ACM, New York (2006)Google Scholar
  3. 3.
    Bertino, E., Kirkpatrick, M.S.: Location-aware authentication and access control. In: IEEE 23rd International Conference on Advanced Information Networking and Applications (AINA), pp. 10–15. IEEE Computer Society, Bradford (2009)Google Scholar
  4. 4.
    Bolchini, C., Curino, C., Quintarelli, E., Schreiber, F.A., Tanca, L.: A data-oriented survey of context models. SIGMOD Rec. 36(4), 19–26 (2007)CrossRefGoogle Scholar
  5. 5.
    Breslin, J., Passant, A., Decker, S.: The Social Semantic Web. Springer, Berlin (2009)CrossRefGoogle Scholar
  6. 6.
    Buffa, M., Faron-Zucker, C.: Ontology-based access rights management. In: Advances in Knowledge Discovery and Management. Studies in Computational Intelligence, vol. 398, pp. 49–61. Springer, Berlin (2012)Google Scholar
  7. 7.
    Buffa, M., Gandon, F.L., Erétéo, G., Sander, P., Faron, C.: SweetWiki: a semantic wiki. J. Web Semant. 6(1), 84–97 (2008)CrossRefGoogle Scholar
  8. 8.
    Carminati, B., Ferrari, E., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.M.: Semantic web-based social network access control. Comput. Secur. 30(2–3), 108–115 (2011)CrossRefGoogle Scholar
  9. 9.
    Carroll, J.J., Bizer, C., Hayes, P.J., Stickler, P.: Named graphs. J. Web Semant. 3(4), 247–267 (2005)CrossRefGoogle Scholar
  10. 10.
    Corby, O., Faron-Zucker, C.: The KGRAM abstract machine for knowledge graph querying. In: Web Intelligence, pp. 338–341. IEEE, Toronto (2010)Google Scholar
  11. 11.
    Corby, O., Dieng-Kuntz, R., Faron-Zucker, C.: Querying the semantic web with Corese search engine. In: 16th European Conference on Artificial Intelligence (ECAI), pp. 705–709. IOS Press, Amsterdam (2004)Google Scholar
  12. 12.
    Corby, O., Dieng-Kuntz, R., Faron-Zucker, C., Gandon, F.L.: Searching the semantic web: approximate query processing based on ontologies. IEEE Intell. Syst. 21(1), 20–27 (2006)CrossRefGoogle Scholar
  13. 13.
    Corradi, A., Montanari, R., Tibaldi, D.: Context-based access control management in ubiquitous environments. In: 3rd IEEE International Symposium on Network Computing and Applications (NCA), pp. 253–260. IEEE Computer Society, Los Alamitos (2004)Google Scholar
  14. 14.
    Costabello, L.: DC Proposal: PRISSMA, towards mobile adaptive presentation of the Web of data. In: Doctoral Consortium, 10th International Semantic Web Conference (ISWC). Lecture Notes in Computer Science, vol. 7032, pp. 269–276. Springer, Berlin (2011)Google Scholar
  15. 15.
    Costabello, L., Villata, S., Delaforge, N., Gandon, F.L.: Ubiquitous Access Control for SPARQL Endpoints: Lessons Learned and Future Challenges. In: WWW (Companion Volume), pp. 487–488. ACM, New York (2012)Google Scholar
  16. 16.
    Covington M.J., Sastry, M.R.: A contextual attribute-based access control model. In: Workshops on the Move to Meaningful Internet Systems (OTM). Lecture Notes in Computer Science, vol. 4278, pp. 1996–2006. Springer, Berlin (2006)Google Scholar
  17. 17.
    Covington, M.J., Long, W., Srinivasan, S., Dey, A.K., Ahamad, M., Abowd, G.D.: Securing context-aware applications using environment roles. In: 6th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 10–20. ACM, New York (2001)Google Scholar
  18. 18.
    Coyle, K.: Rights management and digital library requirements. Ariadne 40, 125–137 (2004)Google Scholar
  19. 19.
    Cuppens, F., Cuppens-Boulahia, N.: Modeling contextual security policies. Int. J. Inf. Secur. 7(4), 285–305 (2008)CrossRefGoogle Scholar
  20. 20.
    Cuppens, F., Cuppens-Boulahia, N., Ghorbel, M.B.: High level conflict management strategies in advanced access control models. Electron. Notes Theor. Comput. Sci. 186, 3–26 (2007)CrossRefGoogle Scholar
  21. 21.
    Dey, A.K.: Understanding and using context. Pers. Ubiquitous Comput. 5(1), 4–7 (2001)CrossRefGoogle Scholar
  22. 22.
    Finin, T.W., Joshi, A., Kagal, L., Niu, J., Sandhu, R.S., Winsborough, W.H., Thuraisingham, B.M.: ROWLBAC: representing role based access control in OWL. In: 13th ACM Symposium on Access Control Models and Technologies, pp. 73–82. ACM, New York (2008)Google Scholar
  23. 23.
    Flouris, G., Fundulaki, I., Michou, M., Antoniou, G.: Controlling access to RDF graphs. In: 3rd Future Internet Symposium (FIS). Lecture Notes in Computer Science, vol. 6369, pp. 107–117. Springer, Berlin (2010)Google Scholar
  24. 24.
    Giunchiglia, F., Zhang, R., Crispo, B.: Ontology driven community access control. In: 1st Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). CEUR Workshop Proceedings (2009)Google Scholar
  25. 25.
    Hollenbach, J., Presbrey, J., Berners-Lee, T.: Using RDF metadata to enable access control on the social semantic web. In: Workshop on Collaborative Construction, Management and Linking of Structured Knowledge (CK). (2009)Google Scholar
  26. 26.
    Hulsebosch, R.J., Salden, A.H., Bargh, M.S., Ebben, P.W.G., Reitsma, J.: Context sensitive access control. In: 10th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 111–119. ACM, New York (2005)Google Scholar
  27. 27.
    Khandelwal, A., Bao, J., Kagal, L., Jacobi, I., Ding, L., Hendler, J.A.: Analyzing the AIR language: a semantic web (production) rule language. In: Web Reasoning and Rule Systems, 4th International Conference (RR). Lecture Notes in Computer Science, vol. 6333, pp. 58–72. Springer, Berlin (2010)Google Scholar
  28. 28.
    Korpipää, P., Mäntyjärvi, J.: An ontology for mobile device sensor-based context awareness. In: Modeling and Using Context, 4th International and Interdisciplinary Conference (CONTEXT). Lecture Notes in Computer Science, vol. 2680, pp. 451–458. Springer, Berlin (2003)Google Scholar
  29. 29.
    Kruk, S.R.: Extensible Access Control (EAC) Ontology Specification. DERI. (2008)
  30. 30.
    Kruk, S.R., Cygan, M., Gzella, A.: JeromeDL—semantic and social technologies for improving user experience in digital libraries. In: World Wide Web Conference, WWW 2008. ACM, New York (2008)Google Scholar
  31. 31.
    Kulkarni, D., Tripathi, A.: Context-aware role-based access control in pervasive computing systems. In: 13th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 113–122. ACM, New York (2008)Google Scholar
  32. 32.
    Lagoze, C., Payette, S., Shin, E., Wilper, C.: Fedora: an architecture for complex objects and their relationships. Int. J. Digit. Libr. 6(2), 124–138 (2006)CrossRefGoogle Scholar
  33. 33.
    Muhleisen, H., Kost, M., Freytag, J.-C.: SWRL-based access policies for linked data. In: 2nd Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). (2010)Google Scholar
  34. 34.
    Nasirifard, P., Peristeras, V., Hayes, C., Decker, S.: Extracting and utilizing social networks from log files of shared workspaces. In: 10th IFIP Working Conference on Virtual Enterprises, (PRO-VE), pp. 643–650. Springer, Berlin (2009)Google Scholar
  35. 35.
    Sacco, O., Passant, A.: A privacy preference manager for the social semantic web. In: 2nd Workshop on Semantic Personalized Information Management: Retrieval and Recommendation (SPIM). CEUR Workshop Proceedings (2011)Google Scholar
  36. 36.
    Sacco, O., Passant, A.: A privacy preference ontology (PPO) for linked data. In: Linked Data on the Web Workshop (LDOW). (2011)Google Scholar
  37. 37.
    Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comput. 29(2), 38–47 (1996)CrossRefGoogle Scholar
  38. 38.
    Shen, H., Cheng,Y.: A semantic context-based model for mobile web services access control. Int. J. Comput. Netw. Inf. Secur. 3(1), 18–25 (2011)Google Scholar
  39. 39.
    Story, H., Harbulot, B., Jacobi, I., Jones, M.: FOAF+TLS: RESTful authentication for distributed social networks. In: 1st Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). (2009)Google Scholar
  40. 40.
    Stroka, S., Schaffert, S., Burger, T.: Access control in the social semantic web—extending the idea of FOAF+SSL in KiWi. In: 2nd Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). (2010)Google Scholar
  41. 41.
    Toninelli, A., Montanari, R., Kagal, L., Lassila, O.: A semantic context-aware access control framework for secure collaborations in pervasive computing environments. In: 5th International Semantic Web Conference (ISWC). Lecture Notes in Computer Science, vol. 4273, pp. 473–486. Springer, Berlin (2006)Google Scholar
  42. 42.
    Toninelli, A., Montanari, R., Kagal, L., Lassila, O.: Proteus: a semantic context-aware adaptive policy model. In: 8th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY), pp. 129–140. IEEE Computer Society, Los Alamitos (2007)Google Scholar
  43. 43.
    Toninelli, A., Corradi, A., Montanari, R.: A quality of context-aware approach to access control in pervasive environments. In: 2nd International Conference on Mobile Wireless Middleware, Operating Systems, and Applications (MOBILWARE). Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol. 7, pp. 236–251. Springer, Berlin (2009)Google Scholar
  44. 44.
    Villata, S., Delaforge, N., Gandon, F., Gyrard, A.: An access control model for linked data. In: 7th International IFIP Workshop on Semantic Web & Web Semantics (SWWS). Lecture Notes in Computer Science, vol. 7046, pp. 454–463. Springer, Berlin (2011)Google Scholar
  45. 45.
    Villata, S., Delaforge, N., Gandon, F., Gyrard, A.: Social semantic web access control. In: 4th International Workshop Social Data on the Web (SDoW), pp. 48–59. CEUR Workshop Proceedings (2011)Google Scholar

Copyright information

© Springer-Verlag Wien 2013

Authors and Affiliations

  • Serena Villata
    • 1
    Email author
  • Luca Costabello
    • 1
  • Fabien Gandon
    • 1
  • Catherine Faron-Zucker
    • 2
  • Michel Buffa
    • 2
  1. 1.INRIASophia AntipolisNiceFrance
  2. 2.I3S, Université Nice Sophia Antipolis - CNRSNiceFrance

Personalised recommendations