An Access Control Language Based on Term Rewriting and Description Logic

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 6559)

Abstract

This paper presents a rule-based, domain-specific language for modeling access control policies which is particularly suitable for managing security in the semantic web, since (i) it allows one to evaluate authorization requests according to semantic information retrieved from remote knowledge bases; and (ii) it supports semantic-based policy composition, delegation and closure via flexible operators which can be defined by security administrators in a purely declarative way with little effort. The operational engine of the language smoothly integrates description logic into standard term rewriting, giving support to reasoning capabilities which are particularly useful in this context, since they allow one to naturally combine and reuse data extracted from multiple knowledge bases. Such a rewrite engine can be used to evaluate authorization requests w.r.t. a policy specification as well as to formally check properties regarding the security domain to be protected. The language we propose has been implemented in a prototype system written in Haskell. Some case studies have been analyzed to highlight the potential of our approach.

This work has been partially supported by the Italian MUR under grant RBIN04M8S8, FIRB project, Internationalization 2004.

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Baggi, M., Ballis, D., Falaschi, M. (2011). An Access Control Language Based on Term Rewriting and Description Logic. In: Mariño, J. (eds) Functional and Constraint Logic Programming. WFLP 2010. Lecture Notes in Computer Science, vol 6559. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20775-4_4

  • DOI: https://doi.org/10.1007/978-3-642-20775-4_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-20774-7

  • Online ISBN: 978-3-642-20775-4

  • eBook Packages: Computer Science, Computer Science (R0)