Skip to main content

Social Semantic Network-Based Access Control

Part of the Lecture Notes in Social Networks book series (LNSN)

Abstract

Social networks are the bases of the so-called Web 2.0, raising many new challenges to the research community. In particular, the ability of these networks to allow the users to share their own personal information with other people opens new issues concerning privacy and access control. Nowadays the Web has further evolved into the Social Semantic Web where social networks are integrated and enhanced by the use of semantic conceptual models, e.g., the ontologies, where the social information and links among the users become semantic information and links. In this chapter, we discuss which are the benefits of introducing semantics in social network-based access control. In particular, we analyze and detail two approaches to manage the access rights of the social network users relying on Semantic Web languages only, and we highlight, thanks to these two proposals, what are pros and cons of introducing semantics in social networks access control. Finally, we report on the other existing approaches coupling semantics and access control in the context of social networks.

Keywords

  • Access Control
  • Access Condition
  • Access Control Policy
  • Access Policy
  • Access Control Model

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-7091-0894-9_6
  • Chapter length: 35 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   109.00
Price excludes VAT (USA)
  • ISBN: 978-3-7091-0894-9
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Hardcover Book
USD   139.00
Price excludes VAT (USA)
Fig. 6.1
Fig. 6.2
Fig. 6.3
Fig. 6.4
Fig. 6.5
Fig. 6.6
Fig. 6.7
Fig. 6.8
Fig. 6.9
Fig. 6.10
Fig. 6.11
Fig. 6.12
Fig. 6.13

Notes

  1. 1.

    http://isicil.inria.fr/

  2. 2.

    http://ns.inria.fr/s4ac/

  3. 3.

    http://ns.inria.fr/prissma/

  4. 4.

    http://www.mindtouch.com/

  5. 5.

    http://bit.ly/w3rdfperm

  6. 6.

    The discussion about the use of named graphs in RDF 1.1 can be found at http://www.w3.org/TR/rdf11-concepts

  7. 7.

    http://bit.ly/graphterm

  8. 8.

    http://rdfs.org/sioc/spec/

  9. 9.

    http://www.w3.org/TR/skos-reference/

  10. 10.

    http://www.w3.org/wiki/WebAccessControl

  11. 11.

    http://ns.inria.fr/nicetag/2010/09/09/voc.html

  12. 12.

    http://spinrdf.org/

  13. 13.

    http://dublincore.org/documents/dcmi-terms/

  14. 14.

    http://xmlns.com/foaf/spec/

  15. 15.

    http://vocab.org/relationship/

  16. 16.

    http://www.w3.org/TR/sparql11-query/#ask

  17. 17.

    http://www.w3.org/TR/sparql11-federated-query/#update

  18. 18.

    http://bit.ly/XGR-mbui

  19. 19.

    http://bit.ly/dc-ontology

  20. 20.

    http://www.w3.org/TR/poi-core/

  21. 21.

    http://www.w3.org/TR/owl-time

  22. 22.

    http://vocab.deri.ie/rooms

  23. 23.

    http://www.w3.org/2005/Incubator/webid/spec/

  24. 24.

    The GRAPH keyword is used to match patterns against named graphs.

  25. 25.

    Notice that the client query can be every kind of query defined by the SPARQL 1.1 Query and Update language, e.g., CONSTRUCT, SELECT.

  26. 26.

    http://www.w3.org/TR/sparql11-update/#deleteInsert

  27. 27.

    Concerning accessing inferred statements, Corese-KGRAM allows to know where are the inferred triples. In this way, we can apply to these inferred triples the same access policies that regulate the access to the triples from which these triples have been inferred.

  28. 28.

    http://www-sop.inria.fr/edelweiss/software/corese/

  29. 29.

    http://www4.wiwiss.fu-berlin.de/bizer/BerlinSPARQLBenchmark/spec/Dataset/

  30. 30.

    http://www.xrml.org/

  31. 31.

    http://www.chiariglione.org/mpeg/standards/mpeg-21/mpeg-21.htm

  32. 32.

    http://www.w3.org/TR/odrl/

  33. 33.

    http://www.oasis-open.org/committees/xacml/

  34. 34.

    http://www.w3.org/2001/04/20-ACLs

  35. 35.

    http://www.w3.org/ns/auth/acl

  36. 36.

    http://www.jeromedl.org/eac/1.0/spec/index.html

  37. 37.

    http://vocab.deri.ie/ppo

  38. 38.

    http://www.w3.org/Submission/SWRL/

  39. 39.

    http://www.w3.org/Submission/SWRL/

  40. 40.

    http://xmlns.com/foaf/spec/

  41. 41.

    http://sioc-project.org/ontology

  42. 42.

    http://linkeddata.org/

  43. 43.

    http://www.w3.org/Submission/SWRL/

  44. 44.

    http://www.w3.org/2005/Incubator/webid/spec/

References

  1. Abel, F., De Coi, J.L., Henze, N., Koesling, A.W., Krause, D., Olmedilla, D.: Enabling advanced and context-dependent access control in RDF stores. In: 6th International Semantic Web Conference (ISWC). Lecture Notes in Computer Science, vol. 4825, pp. 1–14. Springer, Berlin (2007)

    Google Scholar 

  2. Alam, A., Subbiah, G., Thuraisingham, B.M., Khan, L.: Reasoning with semantics-aware access control policies for geospatial web services. In: 3rd ACM Workshop on Secure Web Services (SWS), pp. 69–76. ACM, New York (2006)

    Google Scholar 

  3. Bertino, E., Kirkpatrick, M.S.: Location-aware authentication and access control. In: IEEE 23rd International Conference on Advanced Information Networking and Applications (AINA), pp. 10–15. IEEE Computer Society, Bradford (2009)

    Google Scholar 

  4. Bolchini, C., Curino, C., Quintarelli, E., Schreiber, F.A., Tanca, L.: A data-oriented survey of context models. SIGMOD Rec. 36(4), 19–26 (2007)

    CrossRef  Google Scholar 

  5. Breslin, J., Passant, A., Decker, S.: The Social Semantic Web. Springer, Berlin (2009)

    CrossRef  Google Scholar 

  6. Buffa, M., Faron-Zucker, C.: Ontology-based access rights management. In: Advances in Knowledge Discovery and Management. Studies in Computational Intelligence, vol. 398, pp. 49–61. Springer, Berlin (2012)

    Google Scholar 

  7. Buffa, M., Gandon, F.L., Erétéo, G., Sander, P., Faron, C.: SweetWiki: a semantic wiki. J. Web Semant. 6(1), 84–97 (2008)

    CrossRef  Google Scholar 

  8. Carminati, B., Ferrari, E., Heatherly, R., Kantarcioglu, M., Thuraisingham, B.M.: Semantic web-based social network access control. Comput. Secur. 30(2–3), 108–115 (2011)

    CrossRef  Google Scholar 

  9. Carroll, J.J., Bizer, C., Hayes, P.J., Stickler, P.: Named graphs. J. Web Semant. 3(4), 247–267 (2005)

    CrossRef  Google Scholar 

  10. Corby, O., Faron-Zucker, C.: The KGRAM abstract machine for knowledge graph querying. In: Web Intelligence, pp. 338–341. IEEE, Toronto (2010)

    Google Scholar 

  11. Corby, O., Dieng-Kuntz, R., Faron-Zucker, C.: Querying the semantic web with Corese search engine. In: 16th European Conference on Artificial Intelligence (ECAI), pp. 705–709. IOS Press, Amsterdam (2004)

    Google Scholar 

  12. Corby, O., Dieng-Kuntz, R., Faron-Zucker, C., Gandon, F.L.: Searching the semantic web: approximate query processing based on ontologies. IEEE Intell. Syst. 21(1), 20–27 (2006)

    CrossRef  Google Scholar 

  13. Corradi, A., Montanari, R., Tibaldi, D.: Context-based access control management in ubiquitous environments. In: 3rd IEEE International Symposium on Network Computing and Applications (NCA), pp. 253–260. IEEE Computer Society, Los Alamitos (2004)

    Google Scholar 

  14. Costabello, L.: DC Proposal: PRISSMA, towards mobile adaptive presentation of the Web of data. In: Doctoral Consortium, 10th International Semantic Web Conference (ISWC). Lecture Notes in Computer Science, vol. 7032, pp. 269–276. Springer, Berlin (2011)

    Google Scholar 

  15. Costabello, L., Villata, S., Delaforge, N., Gandon, F.L.: Ubiquitous Access Control for SPARQL Endpoints: Lessons Learned and Future Challenges. In: WWW (Companion Volume), pp. 487–488. ACM, New York (2012)

    Google Scholar 

  16. Covington M.J., Sastry, M.R.: A contextual attribute-based access control model. In: Workshops on the Move to Meaningful Internet Systems (OTM). Lecture Notes in Computer Science, vol. 4278, pp. 1996–2006. Springer, Berlin (2006)

    Google Scholar 

  17. Covington, M.J., Long, W., Srinivasan, S., Dey, A.K., Ahamad, M., Abowd, G.D.: Securing context-aware applications using environment roles. In: 6th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 10–20. ACM, New York (2001)

    Google Scholar 

  18. Coyle, K.: Rights management and digital library requirements. Ariadne 40, 125–137 (2004)

    Google Scholar 

  19. Cuppens, F., Cuppens-Boulahia, N.: Modeling contextual security policies. Int. J. Inf. Secur. 7(4), 285–305 (2008)

    CrossRef  Google Scholar 

  20. Cuppens, F., Cuppens-Boulahia, N., Ghorbel, M.B.: High level conflict management strategies in advanced access control models. Electron. Notes Theor. Comput. Sci. 186, 3–26 (2007)

    CrossRef  Google Scholar 

  21. Dey, A.K.: Understanding and using context. Pers. Ubiquitous Comput. 5(1), 4–7 (2001)

    CrossRef  Google Scholar 

  22. Finin, T.W., Joshi, A., Kagal, L., Niu, J., Sandhu, R.S., Winsborough, W.H., Thuraisingham, B.M.: ROWLBAC: representing role based access control in OWL. In: 13th ACM Symposium on Access Control Models and Technologies, pp. 73–82. ACM, New York (2008)

    Google Scholar 

  23. Flouris, G., Fundulaki, I., Michou, M., Antoniou, G.: Controlling access to RDF graphs. In: 3rd Future Internet Symposium (FIS). Lecture Notes in Computer Science, vol. 6369, pp. 107–117. Springer, Berlin (2010)

    Google Scholar 

  24. Giunchiglia, F., Zhang, R., Crispo, B.: Ontology driven community access control. In: 1st Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). CEUR Workshop Proceedings (2009)

    Google Scholar 

  25. Hollenbach, J., Presbrey, J., Berners-Lee, T.: Using RDF metadata to enable access control on the social semantic web. In: Workshop on Collaborative Construction, Management and Linking of Structured Knowledge (CK). CEUR-WS.org (2009)

    Google Scholar 

  26. Hulsebosch, R.J., Salden, A.H., Bargh, M.S., Ebben, P.W.G., Reitsma, J.: Context sensitive access control. In: 10th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 111–119. ACM, New York (2005)

    Google Scholar 

  27. Khandelwal, A., Bao, J., Kagal, L., Jacobi, I., Ding, L., Hendler, J.A.: Analyzing the AIR language: a semantic web (production) rule language. In: Web Reasoning and Rule Systems, 4th International Conference (RR). Lecture Notes in Computer Science, vol. 6333, pp. 58–72. Springer, Berlin (2010)

    Google Scholar 

  28. Korpipää, P., Mäntyjärvi, J.: An ontology for mobile device sensor-based context awareness. In: Modeling and Using Context, 4th International and Interdisciplinary Conference (CONTEXT). Lecture Notes in Computer Science, vol. 2680, pp. 451–458. Springer, Berlin (2003)

    Google Scholar 

  29. Kruk, S.R.: Extensible Access Control (EAC) Ontology Specification. DERI. http://www.jeromedl.org/eac/1.0/spec/index.html/ (2008)

  30. Kruk, S.R., Cygan, M., Gzella, A.: JeromeDL—semantic and social technologies for improving user experience in digital libraries. In: World Wide Web Conference, WWW 2008. ACM, New York (2008)

    Google Scholar 

  31. Kulkarni, D., Tripathi, A.: Context-aware role-based access control in pervasive computing systems. In: 13th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 113–122. ACM, New York (2008)

    Google Scholar 

  32. Lagoze, C., Payette, S., Shin, E., Wilper, C.: Fedora: an architecture for complex objects and their relationships. Int. J. Digit. Libr. 6(2), 124–138 (2006)

    CrossRef  Google Scholar 

  33. Muhleisen, H., Kost, M., Freytag, J.-C.: SWRL-based access policies for linked data. In: 2nd Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). CEUR-WS.org (2010)

    Google Scholar 

  34. Nasirifard, P., Peristeras, V., Hayes, C., Decker, S.: Extracting and utilizing social networks from log files of shared workspaces. In: 10th IFIP Working Conference on Virtual Enterprises, (PRO-VE), pp. 643–650. Springer, Berlin (2009)

    Google Scholar 

  35. Sacco, O., Passant, A.: A privacy preference manager for the social semantic web. In: 2nd Workshop on Semantic Personalized Information Management: Retrieval and Recommendation (SPIM). CEUR Workshop Proceedings (2011)

    Google Scholar 

  36. Sacco, O., Passant, A.: A privacy preference ontology (PPO) for linked data. In: Linked Data on the Web Workshop (LDOW). CEUR-WS.org (2011)

    Google Scholar 

  37. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. IEEE Comput. 29(2), 38–47 (1996)

    CrossRef  Google Scholar 

  38. Shen, H., Cheng,Y.: A semantic context-based model for mobile web services access control. Int. J. Comput. Netw. Inf. Secur. 3(1), 18–25 (2011)

    Google Scholar 

  39. Story, H., Harbulot, B., Jacobi, I., Jones, M.: FOAF+TLS: RESTful authentication for distributed social networks. In: 1st Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). CEUR-WS.org (2009)

    Google Scholar 

  40. Stroka, S., Schaffert, S., Burger, T.: Access control in the social semantic web—extending the idea of FOAF+SSL in KiWi. In: 2nd Workshop on Trust and Privacy on the Social and Semantic Web (SPOT). CEUR-WS.org (2010)

    Google Scholar 

  41. Toninelli, A., Montanari, R., Kagal, L., Lassila, O.: A semantic context-aware access control framework for secure collaborations in pervasive computing environments. In: 5th International Semantic Web Conference (ISWC). Lecture Notes in Computer Science, vol. 4273, pp. 473–486. Springer, Berlin (2006)

    Google Scholar 

  42. Toninelli, A., Montanari, R., Kagal, L., Lassila, O.: Proteus: a semantic context-aware adaptive policy model. In: 8th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY), pp. 129–140. IEEE Computer Society, Los Alamitos (2007)

    Google Scholar 

  43. Toninelli, A., Corradi, A., Montanari, R.: A quality of context-aware approach to access control in pervasive environments. In: 2nd International Conference on Mobile Wireless Middleware, Operating Systems, and Applications (MOBILWARE). Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol. 7, pp. 236–251. Springer, Berlin (2009)

    Google Scholar 

  44. Villata, S., Delaforge, N., Gandon, F., Gyrard, A.: An access control model for linked data. In: 7th International IFIP Workshop on Semantic Web & Web Semantics (SWWS). Lecture Notes in Computer Science, vol. 7046, pp. 454–463. Springer, Berlin (2011)

    Google Scholar 

  45. Villata, S., Delaforge, N., Gandon, F., Gyrard, A.: Social semantic web access control. In: 4th International Workshop Social Data on the Web (SDoW), pp. 48–59. CEUR Workshop Proceedings (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Serena Villata .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2013 Springer-Verlag Wien

About this chapter

Cite this chapter

Villata, S., Costabello, L., Gandon, F., Faron-Zucker, C., Buffa, M. (2013). Social Semantic Network-Based Access Control. In: Chbeir, R., Al Bouna, B. (eds) Security and Privacy Preserving in Social Networks. Lecture Notes in Social Networks. Springer, Vienna. https://doi.org/10.1007/978-3-7091-0894-9_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-7091-0894-9_6

  • Published:

  • Publisher Name: Springer, Vienna

  • Print ISBN: 978-3-7091-0893-2

  • Online ISBN: 978-3-7091-0894-9

  • eBook Packages: Computer ScienceComputer Science (R0)