RelBOSS: A Relationship-Aware Access Control Framework for Software Services
MetadataShow full item record
Context-awareness is an important aspect of the dynamically changing environments and the relationship context information brings new benefits to the access control systems. Existing relationship-aware access control approaches are highly domain-specific and consider the expression of access control policies in terms of the relationship context information. However, these approaches are unable to dynamically capture the granularity levels and strengths of the relevant relationship. To this end, in this paper we present a formal Relationship-Aware Access Control (RAAC) model for specifying the relevant relationship context information and the corresponding access control policies. Using the RAAC model, we introduce an ontology-based framework, Rel ationship- B ased access control O ntology for S oftware S ervices (RelBOSS). One of the main novelties of the framework is that it dynamically captures the relationship context information (the type/name, granularity levels and strengths of the relevant relationship). Experiments with a software prototype confirm the feasibility of our framework.
Lecture Notes in Computer Science
© 2014 Springer International Publishing AG. This is an electronic version of an article published in Lecture Notes In Computer Science (LNCS), volume 8841, pp 258-276, 2014. Lecture Notes In Computer Science (LNCS) is available online at: http://link.springer.com// with the open URL of your article.
Computer System Security
Information Systems Development Methodologies