Loading...

Design and Implementation of an Access Control Mechanism Based on SBAC

Ehsan, Amir Mousa | 2008

589 Viewed
  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 39077 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Jalili, Rasoul
  7. Abstract:
  8. In order to control accesses in semantic environments, a semantic-based access control and policy specification language should be choosen. Upon to them, some security mechanisms should be designed and implemented. Several access control models and policy specification languages have been arisen, but seldom have focused on designing mechanisms to satisfy their models in any environment. In this thesis, we focus on implementation aspects of access control in semantic environments. We chose semantic web as our studying environment and an extension of the SBAC model named MA(DL)2 as our access control model. To control accesses in the selected environment, we divide semantic web into some security domains. Each security domain contains a Security Authority to specify the security policy in the domain, and a Security Agent to enforce those policies. In this thesis, we focus on the security agent framework and describe how to infer about an access request based on the MA(DL)2 logic. Some semantic web technologies such as ontologies are used to satisfy the specified security policies in the domain. In order to infer whether the access is allowed or not, different information of different entities including contextual information should be involved. From access control viewpoint, we divide the entities in semantic web into three categories: resources (objects), requesters (subjects), and environment (infrastructure, time, and location). Our proposed framework is a semantic-based context-aware access control framework to be applied in semantic web. To handle the context in the framework, we propose a context ontology to represent the contextual information and employ it in the inference engine. The proposed ontology classifies the context of a semantic web environment and represents the elements of contextual information and their relationship in an abstract level. We illustrate that how the access control framework handles the contextual information with the proposed context ontology. This thesis describes the mechanisms designed for a semantic-based context-aware access control framework, through a typical implementation for semantic web
  9. Keywords:
  10. Semantic Web ; Access Control ; Semantic Based Access Control (SBAC) ; Context Handling

 Digital Object List

 Bookmark

No TOC