Ontology-based Access Control Policy Interoperability

Abstract:As personal data is generated over a human life, it is collected and stored at distributed locations and is used by a multitude of services. Such service-oriented architecture (SOA) relies on semantic interoperability to enable secure access to personal data based on a common vocabulary. However, existing languages, such as XACML, provides a data model as it lacks the element of semantic agreement beyond the boundary of the organization that developed it. Thus, semantic interoperability across services based on these languages is not feasible.

In this paper, we present a security policy ontology based on the DOGMA framework. Given this security policy ontology and ontologies representing their respective security domains, services requesters (SRs) and service providers (SPs) interoperate with each other with the facility of interpretation of attribute types and their values in a request. Thus, this approach removes the impractical restriction on SRs and SPs in distributed environment to share identical vocabularies to describe the conceptual model of their respective security domains.

Publication year:2010

Keywords:ontology, access control policy, interoperability, security