RelBOSS: A Relationship-Aware Access Control Framework for Software Services

Abstract

Context-awareness is an important aspect of the dynamically changing environments and the relationship context information brings new benefits to the access control systems. Existing relationship-aware access control approaches are highly domain-specific and consider the expression of access control policies in terms of the relationship context information. However, these approaches are unable to dynamically capture the granularity levels and strengths of the relevant relationship. To this end, in this paper we present a formal Relationship-Aware Access Control (RAAC) model for specifying the relevant relationship context information and the corresponding access control policies. Using the RAAC model, we introduce an ontology-based framework, Rel ationship- B ased access control O ntology for S oftware S ervices (RelBOSS). One of the main novelties of the framework is that it dynamically captures the relationship context information (the type/name, granularity levels and strengths of the relevant relationship). Experiments with a software prototype confirm the feasibility of our framework.