Generic Access Control Model and Semantic Mapping Between Heterogeneous Policies

Generic Access Control Model and Semantic Mapping Between Heterogeneous Policies

Samira Haguouche (Computer Science Department, Cadi Ayyad University, LISI Laboratory, Marrakech, Morocco) and Zahi Jarir (Computer Science Department, Cadi Ayyad University, Marrakech, Morocco)
Copyright: © 2018 |Pages: 14
DOI: 10.4018/IJTD.2018100104

Abstract

This article aims to ensure a dynamic set up of access control policies across collaborating organizations where these organizations adopt heterogeneous access control models. To attain this objective, this contribution started with a survey on existing access control models, and their specificities on collaboration. Based on this survey, it remains that the topic on access control collaboration still open despite the efforts made. Therefore, in this article a generic representation of access control concepts is proposed. This generic representation considers the process of semantic mapping between policies of heterogeneous access control systems. In this fact an ontology-based semantic mapping is proposed. This mapping has the advantage to optimize the administrators' involvement by combining linguistic-based and upper-ontology based matching techniques with a user-based constraint strategy for ontology matching.
Article Preview
Top

Genericness Of Access Control Model Concepts

The abstraction of access control involves three elements of access control systems (Samarati & Capitani, 2001):

  • 1.

    The policy that defines the high-level rules according to which access control is regulated;

  • 2.

    The model that provides a formal representation of the access control policies and tries to ensure a level of abstraction over the access control components;

  • 3.

    The mechanism that defines the low-level functions that implement the controls imposed by the policy and formally stated in the model.

Several models for access control exist in the literature such as IBAC (Shen & Dewan, 1992), RBAC (Sandhu, Coyne, Feinstein, & Youman, 1996), ABAC (Yuan & Tong, 2005), etc. In (Haguouche & Jarir, 2015b), we studied access control models characterized by innovative elements or abstractions to describe access control policies. Thereafter we identified four main common entities:

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 12: 4 Issues (2021): Forthcoming, Available for Pre-Order
Volume 11: 4 Issues (2020)
Volume 10: 4 Issues (2019)
Volume 9: 4 Issues (2018)
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing