Semantic Similarity-Based Web Services Access Control

  • Yi Zhao
  • Xia Wang
Part of the Studies in Computational Intelligence book series (SCI, volume 391)


As Semantic Web technologies have developed, the Semantic Web has been applied to Web Services to integrate data across different applications, so it is essential to maintain the security of the organizations involved in Semantic Web Services. Security is a crucial concern for commercial and mission-critical applications in Web-based environments. To guarantee the security of web services, security measures must protect against unauthorized disclosure, transfer, modification, or destruction, whether accidental or intentional. Access control is one such security measure for safeguarding service processes; it allows resource owners to define, manage, and enforce the access conditions for each resource. In this paper, an ontological concept similarity algorithm that takes multiple concept relations into consideration is first proposed. Then, an attribute-based access control model based on semantic similarity (SABAC, for short) is proposed to specify access control over attributes defined in domain ontologies. An experimental prototype and detailed empirical discussions are presented, and the method is validated in the framework of web service selection.


Keywords: Access Control; Semantic Similarity; Domain Ontology; Access Control Policy; Access Control Model
These keywords were added by machine and not by the authors.



Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  1. Faculty of Mathematics and Computer Sciences, Fernuniversität Hagen, Hagen, Germany
  2. Large-Scale Scientific Information Services Research Group, Jacobs University, Bremen, Germany
