Semantic access control for information interoperation

Chi Chun Pan, Prasenjit Mitra, Peng Liu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

47 Citations (Scopus)

Abstract

Sharing information across different organizations is a critical problem. Using security enforcement mechanisms, accessing databases is limited to authorized users only. However, if databases and access control policies are syntactically and schematically heterogeneous, information interoperation becomes a crucial challenge. In order to allow users from multiple organizations to access databases, a better access control model is desired. In this paper, we propose Semantic Access Control based on popular Role-Base Access Control. Semantic Access Control provides secure access control to databases while resolving the heterogeneity among the databases. We present Semantic Access Control Enabler (SAGE), a novel middleware-based system that has been designed and implemented to enable Semantic Access Control on the Web. SAGE is a middleware system that requires only a few changes to be done on the legacy systems of any organizations involved. Unlike traditional mediator technologies, we integrate heterogeneity resolution and access control into one process, We show that despite performing ontology mappings and query and data translations our toolkit still provides acceptable performance.

Original languageEnglish
Title of host publicationProceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
Pages237-246
Number of pages10
Volume2006
Publication statusPublished - 2006
Externally publishedYes
Event11th ACM Symposium on Access Control Models and Technologies, SACMAT 2006 - Lake Tahoe, CA
Duration: 7 Jun 20069 Jun 2006

Other

Other11th ACM Symposium on Access Control Models and Technologies, SACMAT 2006
CityLake Tahoe, CA
Period7/6/069/6/06

Fingerprint

Access control
Semantics
Middleware
Legacy systems
Ontology

Keywords

  • Access Control
  • Interoperation
  • Mediator
  • Semantic Heterogeneity

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Pan, C. C., Mitra, P., & Liu, P. (2006). Semantic access control for information interoperation. In Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT (Vol. 2006, pp. 237-246)

Semantic access control for information interoperation. / Pan, Chi Chun; Mitra, Prasenjit; Liu, Peng.

Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT. Vol. 2006 2006. p. 237-246.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Pan, CC, Mitra, P & Liu, P 2006, Semantic access control for information interoperation. in Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT. vol. 2006, pp. 237-246, 11th ACM Symposium on Access Control Models and Technologies, SACMAT 2006, Lake Tahoe, CA, 7/6/06.
Pan CC, Mitra P, Liu P. Semantic access control for information interoperation. In Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT. Vol. 2006. 2006. p. 237-246
Pan, Chi Chun ; Mitra, Prasenjit ; Liu, Peng. / Semantic access control for information interoperation. Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT. Vol. 2006 2006. pp. 237-246
@inproceedings{9c4f8cad9a3d447b886c2e6803cac84f,
title = "Semantic access control for information interoperation",
abstract = "Sharing information across different organizations is a critical problem. Using security enforcement mechanisms, accessing databases is limited to authorized users only. However, if databases and access control policies are syntactically and schematically heterogeneous, information interoperation becomes a crucial challenge. In order to allow users from multiple organizations to access databases, a better access control model is desired. In this paper, we propose Semantic Access Control based on popular Role-Base Access Control. Semantic Access Control provides secure access control to databases while resolving the heterogeneity among the databases. We present Semantic Access Control Enabler (SAGE), a novel middleware-based system that has been designed and implemented to enable Semantic Access Control on the Web. SAGE is a middleware system that requires only a few changes to be done on the legacy systems of any organizations involved. Unlike traditional mediator technologies, we integrate heterogeneity resolution and access control into one process, We show that despite performing ontology mappings and query and data translations our toolkit still provides acceptable performance.",
keywords = "Access Control, Interoperation, Mediator, Semantic Heterogeneity",
author = "Pan, {Chi Chun} and Prasenjit Mitra and Peng Liu",
year = "2006",
language = "English",
isbn = "1595933549",
volume = "2006",
pages = "237--246",
booktitle = "Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT",

}

TY - GEN

T1 - Semantic access control for information interoperation

AU - Pan, Chi Chun

AU - Mitra, Prasenjit

AU - Liu, Peng

PY - 2006

Y1 - 2006

N2 - Sharing information across different organizations is a critical problem. Using security enforcement mechanisms, accessing databases is limited to authorized users only. However, if databases and access control policies are syntactically and schematically heterogeneous, information interoperation becomes a crucial challenge. In order to allow users from multiple organizations to access databases, a better access control model is desired. In this paper, we propose Semantic Access Control based on popular Role-Base Access Control. Semantic Access Control provides secure access control to databases while resolving the heterogeneity among the databases. We present Semantic Access Control Enabler (SAGE), a novel middleware-based system that has been designed and implemented to enable Semantic Access Control on the Web. SAGE is a middleware system that requires only a few changes to be done on the legacy systems of any organizations involved. Unlike traditional mediator technologies, we integrate heterogeneity resolution and access control into one process, We show that despite performing ontology mappings and query and data translations our toolkit still provides acceptable performance.

AB - Sharing information across different organizations is a critical problem. Using security enforcement mechanisms, accessing databases is limited to authorized users only. However, if databases and access control policies are syntactically and schematically heterogeneous, information interoperation becomes a crucial challenge. In order to allow users from multiple organizations to access databases, a better access control model is desired. In this paper, we propose Semantic Access Control based on popular Role-Base Access Control. Semantic Access Control provides secure access control to databases while resolving the heterogeneity among the databases. We present Semantic Access Control Enabler (SAGE), a novel middleware-based system that has been designed and implemented to enable Semantic Access Control on the Web. SAGE is a middleware system that requires only a few changes to be done on the legacy systems of any organizations involved. Unlike traditional mediator technologies, we integrate heterogeneity resolution and access control into one process, We show that despite performing ontology mappings and query and data translations our toolkit still provides acceptable performance.

KW - Access Control

KW - Interoperation

KW - Mediator

KW - Semantic Heterogeneity

UR - http://www.scopus.com/inward/record.url?scp=33748043984&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33748043984&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:33748043984

SN - 1595933549

SN - 9781595933546

VL - 2006

SP - 237

EP - 246

BT - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

ER -