Title: Semantics-aware security policy specification for the semantic web data

Authors: Li Qin, Vijayalakshmi Atluri

Addresses: Department of Information Systems and Decision Sciences, Silberman College of Business, Fairleigh Dickinson University, 1000 River Road, Teaneck, NJ 07666, USA. ' CIMIC and MSIS Department, Rutgers University, 1 Washington Park, Newark, NJ 07102, USA

Abstract: The semantic web has been envisioned as a machine interpretable web, where data instances are described through concepts defined and related in ontologies. Though ontologies are publicly available as a crucial component of the semantic web infrastructure, many data instances are sensitive and should be kept confidential. Sensitive information can be illegally inferred from other seemingly unclassified information in combination with the underlying data semantics and interrelationships revealed by ontologies. In other words, the visibility of ontologies can pose inference threats to the security of data instances, and this requires that security policies be specified in such a way that the semantic relationships among data instances are taken into account. To protect the semantic web data or other semantics-rich data, this paper presents semantics-aware security policy specification. We propose concept-level, association-level and property-level access control models for different security objects, and that authorisations be propagated based on different inference patterns. These propagation policies can be used to generate safe and consistent access control authorisations.

Keywords: information security; inference patterns; access control authorisation; semantics; ontologies; semantic web data; security policy specification; modelling.

DOI: 10.1504/IJICS.2010.031859

International Journal of Information and Computer Security, 2010 Vol.4 No.1, pp.52 - 75

Published online: 26 Feb 2010 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article