Extending Context Descriptions in Semantics-Aware Access Control
- Cite this paper as:
- Damiani E., De Capitani di Vimercati S., Fugazza C., Samarati P. (2006) Extending Context Descriptions in Semantics-Aware Access Control. In: Bagchi A., Atluri V. (eds) Information Systems Security. ICISS 2006. Lecture Notes in Computer Science, vol 4332. Springer, Berlin, Heidelberg
Security is a crucial concern for commercial and mission critical applications in Web-based environments. In our model, context information associated with Access Control management policies is defined according to basic operators that can be represented using the Web Ontology Language. Standard inference procedures of Description Logics are being used to check the consistency of context information referred to by policy conditions and, more interestingly, to pre-process context information for grounding policy propagation and enabling conflict resolution. In this paper, we extend the model to encompass part-of relations between entities in context descriptions and, consequently, revise the policy propagation criteria being applied to the model to take into account the newly introduced relations. Finally, we exemplify modality conflicts arising from part-of relations, a category of extensional conflicts (i.e., inconsistencies related to individuals) that cannot be foreseen by looking at the terminology underlying context information.
Unable to display preview. Download preview PDF.