Semantic Access Control in Web Based Communities

Elahi, Najeeb; Chowdhury, Mohammad M. R.; Noll, Josef

doi:10.1109/iccgi.2008.46

Cited by 24 publications

(15 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In particular, recent work proposed to adopt semantic policies to control access to resources in social networking applications, such as Facebook [16] [17]. Both works propose, with some differ-ences, to represent policies as Semantic Web Rule Language (SWRL) rules 7 : by reasoning on the social knowledge base, represented in OWL, they derive the set of active permissions.…”

Section: Related Workmentioning

confidence: 99%

“…Finally, only few solutions provide user-interfaces. In particular, [3] provides a user-interface, which however requires to deal with concepts like strong/weak conditions that might not be intuitive to define in practice, while [17] requires to deal directly with a SWRL editor. Our GUI allows non technical users to specify policies without dealing with the underlying SPARQL model.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Policy-Based Access Control in Mobile Social Ecosystems

Hachem

Toninelli

Pathak

et al. 2011

2011 IEEE International Symposium on Policies for Distributed Systems and Networks

View full text Add to dashboard Cite

Abstract-The novel scenarios enabled by emerging mobile social applications raise serious concerns regarding access control of users' contextual and social data. Given the variety of existing and upcoming social applications, it is important to provide (i) generic yet flexible policy models that combine expressivity with personalization, (ii) actual running infrastructures to enforce policy-based access control on heterogenous devices with minimal development/deployment effort, and (iii) user-interfaces to allow the easy specification of policies without dealing with the complexity of the underlying policy and data models. Toward this goal, in this paper we make three contributions. First, we present a novel policy framework for controlling access to social data in mobile applications. The framework allows the representation of expressive policies based on users' social interactions, which can be easily extended with new domain data models, while keeping policy model compatibility intact. Secondly, we demonstrate how we integrated the policy framework as part of Yarta, a middleware for managing mobile users' social ecosystems, implemented and deployed on laptops and smart phones. Third, we show the graphical policy editor provided with the policy framework to allow non-technology savvy users to easily specify and manage their access control policies.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Policy-Based Access Control in Mobile Social Ecosystems

Hachem

Toninelli

Pathak

et al. 2011

2011 IEEE International Symposium on Policies for Distributed Systems and Networks

View full text Add to dashboard Cite

show abstract

“…The complex relations considered in Online Social Networks (OSNs) and the associated applications highlight the need for semantic organisation of the contained knowledge and for semantic access control mechanisms. In this context, the work presented in [12] leverages ontologies for representing relationships with the individuals and the community in order to determine the access restrictions to community resources. Carminati et al provide in [6] a much richer OWL ontology for modelling various aspects of OSNs, while also proposing authorisation, administration and filtering policies that depend on trust relationships among various users.…”

Section: Related Workmentioning

confidence: 99%

“…In most cases, they focus on and capture a limited number of concepts, constraints and access parameters, missing the necessary expressiveness for the specification of complex provisions and access structures. For instance, only few of these models (e.g., [6] [12][25] [34]) are privacy-aware, yet they do not provide support for separation and binding of duty constraints, whereas presenting limited, if any, context-awareness. Moreover, the semantic taxonomies created within existing approaches are typically limited to very basic hierarchies (e.g., of roles), with no support for relations beyond is-a generalisations, or complex expressions and logical relations thereof.…”

Section: Related Workmentioning

confidence: 99%

Leveraging Ontologies upon a Holistic Privacy-Aware Access Control Model

Papagiannakopoulou

Koukovini

Lioudakis

et al. 2014

Foundations and Practice of Security

View full text Add to dashboard Cite

Abstract. Access control is a crucial concept in both ICT security and privacy, providing for the protection of system resources and personal data. The increasing complexity of nowadays systems has led to a vast family of solutions fostering comprehensive access control models, with the ability to capture a variety of parameters and to incorporate them in the decision making process. However, existing approaches are characterised by limitations regarding expressiveness. We present an approach that aims at overcoming such limitations. It is fully based on ontologies and grounded on a rich in semantics information model. The result is a privacy-aware solution that takes into consideration a variety of aspects and parameters, including attributes, context, dependencies between actions and entities participating therein, as well as separation and binding of duty constraints.

show abstract

“…Recently, semantic web technologies have been used to model and express finegrained access control policies for OSNs (e.g., [5,10,21]). Especially, Carminati et al [5] proposed a semantic web based access control framework for social networks.…”

Section: Related Workmentioning

confidence: 99%

Multiparty Authorization Framework for Data Sharing in Online Social Networks

Ahn

2011

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Online social networks (OSNs) have experienced tremendous growth in recent years and become a de facto portal for hundreds of millions of Internet users. These OSNs offer attractive means for digital social interactions and information sharing, but also raise a number of security and privacy issues. While OSNs allow users to restrict access to shared data, they currently do not provide effective mechanisms to enforce privacy concerns over data associated with multiple users. In this paper, we propose a multiparty authorization framework that enables collaborative management of shared data in OSNs. An access control model is formulated to capture the essence of multiparty authorization requirements. We also demonstrate the applicability of our approach by implementing a proof-of-concept prototype hosted in Facebook.

show abstract

Semantic Access Control in Web Based Communities

Cited by 24 publications

References 4 publications

Policy-Based Access Control in Mobile Social Ecosystems

Policy-Based Access Control in Mobile Social Ecosystems

Leveraging Ontologies upon a Holistic Privacy-Aware Access Control Model

Multiparty Authorization Framework for Data Sharing in Online Social Networks

Contact Info

Product

Resources

About