nach oben

Erschienen in:

2016 | OriginalPaper | Buchkapitel

An Ontology Regulating Privacy Oriented Access Controls

verfasst von : Maherzia Belaazi, Hanen Boussi Rahmouni, Adel Bouhoula

Erschienen in: Risks and Security of Internet and Systems

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Access Control is one of the essential and traditional security weapons of data protection. In open and complex environments such as the Internet or cloud computing, the decision to grant access to a resource must ensure a secure management with a specific attention to privacy and data protection regulations. In recent years, many access control models and languages were proposed. Despite increasing legislative pressure, few of these propositions take care of privacy requirements in their specifications. In this paper we propose to enforce privacy compliance in access control policies. Based on a semantic modeling approach, specifically formal ontology, we will try to incorporate data protection legislation requirements in policies specification and implementation. This aims to abstract the complexity of legal requirements expression and to facilitate their automation and enforcement at execution level. Indeed, at run time, the interoperability of diverse information and the reference to the text law are addressed in a novel manner.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Addressing Privacy and Trust Issues in Cultural Heritage Modelling

Nächstes Kapitel A Literature Survey and Classifications on Data Deanonymisation

XACML privacy profile is a new profile proposed by the last XACML version 3.0 (at the time of writing this paper).

Personally identifiable information.

Damiani, E., Samarati, S.: New paradigms for access control in open environments. In: Proceedings of the Fifth IEEE International Symposium Signal Processing and Information Technology, pp. 540–545 (2005)

Reul, Q., Meersman, R.: Ontology-based access control policy interoperability. In: STARLab (2013)

Zhang, N.J., Todd, C.: A privacy agent in context-aware ubiquitous computing environments. In: Leitold, H., Markatos, E.P. (eds.) CMS 2006. LNCS, vol. 4237, pp. 196–205. Springer, Heidelberg (2006)CrossRef

Garcia, F.: Towards a base ontology for privacy protection in service-oriented architecture. In: IEEE International Conference on Service-Oriented Computing and Applications (SOCA) (2009)

Gruber, T.R.: A translation approach to portable ontology specifications. Knowl. Acquisition 5(2), 199–220 (1993)CrossRef

Gruber, T.R.: Toward principles for the design of ontologies used for knowledge sharing. Int. J. Hum. Comput. Stud. 43(5–6), 907–928 (1995)CrossRef

Spyns, P., Meersman, R.: An ontology engineering methodology for DOGMA. Appl. Ontology 3(1–2), 13–39 (2008)

Byun, J., Li, N.: Purpose based access control of complex data for privacy protection. In: Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies. ACM New York (2005)

Covington, M.J., Sastry, M.R.: A contextual attribute-based access control model. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4278, pp. 1996–2006. Springer, Heidelberg (2006)CrossRef

10.

Gilles, N., Kamel, M.: Ontology learning by analyzing XML document structure and content. In: Proceedings of the International Conference on Knowledge Engineering and Ontology Development KEOD Portugal (2009)

11.

Kamel, M., Rothenburger, B.: Eliciting hierarchical structures from enumerative structures for ontology learning. In: Proceedings of the 6th International Conference on Knowledge Capture K-CAP (2011)

12.

Noy, N.F., McGuiness, D.: An ontology development 101: a guide to creating your first ontology. Standford knowledge systems laboratory Technical report KSL-01-05 and standford medical informatics Technical report SMI-2001-0880 (2001)

13.

Ben Abacha, A., Da Silveira, M., Pruski, C.: Medical ontology validation through question answering. In: Peek, N., Marín Morales, R., Peleg, M. (eds.) AIME 2013. LNCS, vol. 7885, pp. 196–205. Springer, Heidelberg (2013)CrossRef

14.

Noy, N.F., Musen, M.A.: The protégé OWL plugin: an open development environment for semantic web applications. In: McIlraith, S.A., Plexousakis, D., Harmelen, F. (eds.) ISWC 2004. LNCS, vol. 3298, pp. 229–243. Springer, Heidelberg (2004)CrossRef

15.

Protege. http://protege.stanford.edu

16.

SWRL. http://www.w3.org/Submission/SWRL/

17.

OWL. http://www.w3.org/TR/owl-guide/

18.

OECD Privacy. http://www.ncbi.nlm.nih.gov

19.

EC: Data Protection in the European Union. European Commission (2010)

20.

Boussi, H.: Ontology based privacy compliance for health data disclosure in Europe. A thesis report (2010)

21.

Caralt, N.: Modelling legal knowledge through ontologies. A thesis report (2008)

22.

Horrocks, I.: OWL: a description logic based ontology language. In: van Beek, P. (ed.) CP 2005. LNCS, vol. 3709, pp. 5–8. Springer, Heidelberg (2005)

23.

Zhu, J., Smari, W.W.: Attribute based access control and security for collaboration environments. In: Aerospace and Electronics Conference (2008)

24.

Sandhu, R., Park, J.: Usage control: a vision for next generation access control. In: Gorodetsky, V., Popyack, L.J., Skormin, V.A. (eds.) MMM-ACNS 2003. LNCS, vol. 2776, pp. 17–31. Springer, Heidelberg (2003)CrossRef

25.

Oasis Web Site (2013). http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html

26.

Anderson, A.H: A Comparison of Two Privacy Policy Languages: EPAL and XACML. GSun Microsystems Labs Technical report (2005)

27.

Özgü, C.A.N., Bursa, O., Ünalir, M.O.: Personalizable ontology-based access control. Gazi Univ. J. Sci. 23(4), 465–474 (2010)

Titel: An Ontology Regulating Privacy Oriented Access Controls
verfasst von: Maherzia Belaazi
Hanen Boussi Rahmouni
Adel Bouhoula
Verlag: Springer International Publishing
Buch: Risks and Security of Internet and Systems
Print ISBN: 978-3-319-31810-3

Electronic ISBN: 978-3-319-31811-0

Copyright-Jahr: 2016
DOI: https://doi.org/10.1007/978-3-319-31811-0_2

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner