By Topic

Towards an authorisation model for distributed systems based on the Semantic Web

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $31
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)

Authorisation is a crucial process in current information systems. Nowadays, many of the current authorisation systems do not provide methods to describe the semantics of the underlying information model which they are protecting. This fact can lead to mismatch problems between the semantics of the authorisation model and the semantics of the underlying data and resources being protected. In order to solve this problem, this paper describes an authorisation model based on Semantic Web technologies. This authorisation model uses the common information model (CIM) to represent the underlying information model. For this reason, a new conversion process of CIM into the Semantic Web languages has been proposed converting properly the semantics available in the CIM model. This representation provides a suitable information model based on a well-known logic formalism for implementing the authorisation model and a formal language for describing concisely the semantic of the information models being protected. The formal authorisation model supports role-based access control (RBAC), hierarchical RBAC, conditional RBAC and object hierarchies, among other features. Moreover, this paper describes an authorisation architecture for distributed systems taking into account aspects such as privacy among parties and trust management. Finally, some implementation aspects of this system have also been described.

Published in:

Information Security, IET  (Volume:4 ,  Issue: 4 )