Supporting Attribute-based Access Control in Authorization and Authentication Infrastructures with Ontologies

Torsten Priebe, Wolfgang Dobmeier, Christian Schläger, Nora Kamprath
2007 Journal of Software  
In highly open systems like the Internet, attribute-based access control (ABAC) has proven its appropriateness. This is reflected in the utilization of ABAC in authentication and authorization infrastructures (AAIs). However, specification and maintenance of ABAC policies has turned out to be complex and error-prone even in federations of limited size, especially if heterogeneous attribute schemes are involved. Here, the arising Semantic Web can contribute to a solution. This paper describes an architecture for embedding the access control process into a semantic context employing external knowledge in the form of ontologies. We base our proposal on extensions of established open standards. Using the approach presented, policy management at the different sites of a federation is simplified by a semantic attribute management facility.

Index Terms: Security, attribute-based access control, authorization and authentication infrastructures, attribute management, semantic web, ontologies.
doi:10.4304/jsw.2.1.27-38 fatcat:hilav6dqafbj3ji6iehnapw5j4