RelBOSS: A Relationship-Aware Access Control Framework for Software Services

Loading...
Thumbnail Image
File version

Accepted Manuscript (AM)

Author(s)
Kayes, ASM
Han, Jun
Colman, Alan
Islam, Md Saiful
Griffith University Author(s)
Primary Supervisor
Other Supervisors
Editor(s)

Meersman, R

Panetto, H

Dillon, T

Missikoff, M

Liu, L

Pastor, O

Cuzzocrea, A

Sellis, T

Date
2014
Size
File type(s)
Location
License
Abstract

Context-awareness is an important aspect of the dynamically changing environments and the relationship context information brings new benefits to the access control systems. Existing relationship-aware access control approaches are highly domain-specific and consider the expression of access control policies in terms of the relationship context information. However, these approaches are unable to dynamically capture the granularity levels and strengths of the relevant relationship. To this end, in this paper we present a formal Relationship-Aware Access Control (RAAC) model for specifying the relevant relationship context information and the corresponding access control policies. Using the RAAC model, we introduce an ontology-based framework, Rel ationship- B ased access control O ntology for S oftware S ervices (RelBOSS). One of the main novelties of the framework is that it dynamically captures the relationship context information (the type/name, granularity levels and strengths of the relevant relationship). Experiments with a software prototype confirm the feasibility of our framework.

Journal Title

Lecture Notes in Computer Science

Conference Title
Book Title
Edition
Volume

8841

Issue
Thesis Type
Degree Program
School
Publisher link
Patent number
Funder(s)
Grant identifier(s)
Rights Statement
Rights Statement

© 2014 Springer International Publishing AG. This is an electronic version of an article published in Lecture Notes In Computer Science (LNCS), volume 8841, pp 258-276, 2014. Lecture Notes In Computer Science (LNCS) is available online at: http://link.springer.com// with the open URL of your article.

Item Access Status
Note
Access the data
Related item(s)
Subject

Cybersecurity and privacy not elsewhere classified

Information systems development methodologies and practice

Persistent link to this record
Citation
Collections