Modified Query-Roles Based Access Control Model (Q-RBAC) for Interactive Access of Ontology Data

The data access model plays an important role during accessing and querying the stored data from the database. It provides an access right and authorization of accessing data into a database. It can distinguish the access boundaries between the administrators and the users where the database administrators can create certain policies either from the client application side or directly from the database side, depending upon the nature of running application. However, the emerging technology on the ontology repository has forced some database developers to adapt most of the access policies from the traditional database system and many of the policies were inherited from the relational database. This method of adopting or borrowing access policies from other storage system has created an unnecessary layer between the ontology repository and database. Most of the emerging ontology repositories lack an independent access model that provides or distinguishes access right between the administrators and users or between the ontology data. This paper proposed the improved access layer from the ontology repository with an additional users’ policy creation layer that will lead to increase data security and also increase the performance of querying data. Our effort relies on re-modifying the role based access control model from the traditional one to the new proposed model that organized by the rich users’ policies and perfect query rewriting layer. Although it is associated with query module, the proposed model has an additional security layer to restrict unauthorized users from accessing stored data in order to improve querying and data access performance Keywords: Access methods, Access control, Rule based access control model. Oracle NoSQL database, Virtual data layer, Ontology Query

Privacy for Peer Profiling in Collective Adaptive Systems

Part 5: Project Workshops and Tutorial PapersInternational audienceIn this paper, we introduce a privacy-enhanced Peer Manager, which is a fundamental building block for the implementation of a privacy-preserving collective adaptive systems computing platform. The Peer Manager is a user-centered identity management platform that keeps information owned by a user private and is built upon an attribute-based privacy policy. Furthermore, this paper explores the ethical, privacy and social values aspects of collective adaptive systems and their extensive capacity to transform lives. We discuss the privacy, social and ethical issues around profiles and present their legal privacy requirements from the European legislation perspective

Access Control via Lightweight Ontologies

The paper presents Relation Based Access Control RelBAC, a model and a logic for access control which models communities, possibly nested, and resources, possibly organized inside complex file systems, as lightweight ontologies, and permissions as relations between subjects and objects. RelBAC allows us to represent expressive access control rules beyond the current state of the art, and to deal with the strong dynamics of subjects, objects and permissions which arise in Web 2.0 applications (e.g. social networks). Finally, as shown in the paper, using RelBAC, it becomes possible to reason about access control policies and, in particular to compute candidate permissions by matching subject ontologies (representing their interests) with resource ontologies (describing their characteristics). "(c) 2011 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works." Published version is available at: http://dx.doi.org/10.1109/ICSC.2011.23. Giunchiglia, F. and Crispo, B. and Rui Zhang “Access control via lightweight ontologies”, in 2011 Fifth IEEE International Conference on Semantic Computing (ICSC), Piscataway (NJ), Institute of Electrical and Electronics Engineers, 2011, pp. 352-355 (ISBN: 978-1-4577-1648-5)