Semantic Access Control
Ashraful Alam, Dr. Bhavani Thuraisingham



Semantic Access Control (SAC)
[Diagram labels: Traditional Access Control; Semantic Web; Semantic Access Control]

Motivation
Shortcomings of Traditional Access Control:
- Proprietary systems
- Lack of modularity
- Changes in access control schemas break the system
- Changes in data schemas break the system
- Path to resources (e.g., XPATH) is clumsy: //school/department/professor/personal/ssn – LONG!
- Non-optimal for distributed/federation environment

Modularity Problem
[Diagram labels: People this policy applies to; Resources this policy applies to; Actions allowed for this policy; Target Box]

SAC Ontology
- Written in OWL (Web Ontology Language)
- User-centric
- Modular
- Easily extensible
- Available at :

SAC Components
- Subjects: Software Agents or Human clients
- Resources: Assets exposed through WS
- Actions: Read, Write, Execute
- Conditions: Additional constraints (e.g., geospatial parameters) on policy enforcement
[Diagram labels: Resources; Subjects; Actions; Condition; Policy Set]

Application: Geo-WS Security
- Data providers (e.g., geospatial clearinghouses, research centers) need access control on serviceable resources.
- Access policies have geospatial dimension:
  - Bob has access on Building A
  - Bob does NOT have access on Building B
  - Building A and B have overlapping area
- Current access control mechanisms are static and non-modular.

Geo-WS Security: Architecture
[Diagram labels: Client; DAGIS; Geospatial Semantic WS Provider; Enforcement Module; Decision Module; Authorization Module; Semantic-enabled Policy DB; Web Service Client Side; Web Service Provider Side]

Geo-WS Security: Semantics
- Policy rules are based on description logic (DL).
- DL allows machine-processed deductions on policy base.
Example 1:
  DL Rule: ‘Stores’ Inverse ‘Is Stored In’
  Fact: Airplane_Hanger(X) ‘stores’ Airplane(Y)
Example 2:
  DL Rule: ‘Is Located In’ is Transitive.
  Fact: Polygon(S) ‘Is Located In’ Polygon(V)
        Polygon(V) ‘Is Located In’ Polygon(T)

Secure Inferencing
[Diagram labels: Geospatial Data Store; Semantic-enabled Policy DB; Inferencing Module; Obvious facts; Deduced facts]

Geo-WS Security: Example
Resource := Washington, Oregon, California, West Coast
Rule := West Coast = WA Union OR Union CA
Policy :=
  Subject := Bob
  Resources := WA, OR, CA
  Action := Read
Query: Retrieve Interstate Highway topology of West Coast
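
An added example (not from the original slides) that works through the inverse and transitive DL rules from the Semantics slide and the West Coast union rule from the Example slide, then answers Bob's query. The property names, the helpers `infer`, `expand` and `decide`, and the default-deny behaviour are assumptions made for illustration; this is not the SAC implementation.

```python
# Added example: a tiny forward-chaining reasoner for the slide's DL rules.
# Property names and helper functions are illustrative, not SAC's API.
from itertools import product

INVERSE = {"stores": "isStoredIn", "isStoredIn": "stores"}
TRANSITIVE = {"isLocatedIn"}
# Rule from the example slide: West Coast = WA Union OR Union CA
UNION = {"WestCoast": {"WA", "OR", "CA"}}

def infer(facts):
    """Return the closure of (subject, property, object) facts under the rules."""
    closed = set(facts)
    while True:
        new = set()
        for s, p, o in closed:
            if p in INVERSE:                      # inverse property rule
                new.add((o, INVERSE[p], s))
        for (s1, p1, o1), (s2, p2, o2) in product(closed, repeat=2):
            if p1 == p2 and p1 in TRANSITIVE and o1 == s2:
                new.add((s1, p1, o2))             # transitive property rule
        if new <= closed:                         # fixpoint: nothing new deduced
            return closed
        closed |= new

def expand(resource):
    """Expand a composite resource into the atomic resources it is the union of."""
    parts = UNION.get(resource)
    if parts is None:
        return {resource}
    return set().union(*(expand(p) for p in parts))

def decide(policies, subject, action, resource):
    """Permit only if every atomic part of the resource is granted (assumed default deny)."""
    granted = set()
    for pol in policies:
        if pol["subject"] == subject and action in pol["actions"]:
            for r in pol["resources"]:
                granted |= expand(r)
    return expand(resource) <= granted

# Constructed facts and policy mirroring the slides.
FACTS = {("Airplane_Hanger_X", "stores", "Airplane_Y"),
         ("Polygon_S", "isLocatedIn", "Polygon_V"),
         ("Polygon_V", "isLocatedIn", "Polygon_T")}
POLICIES = [{"subject": "Bob", "resources": {"WA", "OR", "CA"}, "actions": {"Read"}}]

if __name__ == "__main__":
    for fact in sorted(infer(FACTS) - FACTS):
        print("deduced:", fact)
    print("Bob Read WestCoast:", decide(POLICIES, "Bob", "Read", "WestCoast"))
```

Bob's policy never names West Coast; the request is permitted only because the union rule rewrites it into WA, OR and CA, all of which the policy covers. Removing any one state from the policy turns the same query into a deny.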

SAC in Action
Environment: University Campus
Campus Ontology
Main Resources:
- Computer Science Building
- Pharmacy Building
- Electric Generator in each Building

SAC in Action
User Access:
- Bob has ‘execute’ access to all Building Resources
- Bob doesn’t have any access to CS Building
- Bob has ‘modify’ access to Building resources within a certain geographic extent
Policy File located at

SAC Improvements
- Subjects, Resources, Actions and Conditions are defined independently
- Reduced policy look-up cost -- only policies related to the requester are processed
- No long path name!

Distributed Access Control
[Diagram labels: Travel Site; Reimbursement Site; Bank Site; Travel Data & Ontology; Reimbursement Data; Bank Site & Ontology; Client; Query Interface; Middleware]