Abstract
The emergence of ubiquitous mobile devices, such as mobile phones, PDAs, and laptops, has sparked the growth of mobile web services. Unlike traditional identity/role based approaches for access control, access decisions for mobile web services will depend on the combination of the required attributes of user and the contextual information. As well as, it is crucial that the policy system can understand and interpret semantics of the context. This paper proposes a context-aware semantic-based access control model (called CASBAC) to be applied in mobile web services environment by combining semantic web technologies with context-aware policy mechanism. The proposed model adopts a context-centric policy method, and grants permissions to users according to current context information and allows high-level description and reasoning about contexts and policies. The model-theoretic semantics of CASBAC is an extension of the model-theoretic semantics defined in the OWL standard and SWRL.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Farley, P., Capp, M.: Mobile web Services. BT Technology Journal 23(2), 202–213 (2005)
Ercan, T., Yıldız, M.: Semantic Access Control for Corporate Mobile Devices. In: Hsu, C.-H., Yang, L.T., Park, J.H., Yeo, S.-S. (eds.) ICA3PP 2010. LNCS, vol. 6082, pp. 198–207. Springer, Heidelberg (2010)
Javanmardi, S., Amini, M., Jalili, R., Ganjisaffari, Y.: SBAC: semantic based access control. In: The 11th Nordic Workshop on Secure IT-Systems, pp. 157–168. IEEE Press, New York (2006)
Satish, N.S., Matthias, J., Wolfgang, P.: Security analysis of mobile web service provisioning. International Journal of Internet Technology and Secured Transactions 1(1), 151–171 (2007)
McGuinness, D.L., van Harmelen, F.: OWL web ontology language semantics and abstract syntax (2004), http://www.w3.org/TR/owl-semantics/
Horrocks, I., Patel-Schneider, P.F., Boley, H.: SWRL: A Semantic Web Rule Language Combining OWL and ReleML (2004), http://www.w3.org/Submission/SWRL/
Yuan, E., Tong, J.: Attributed Based Access Control (ABAC) for Web Services. In: The 2005 IEEE International Conference on Web Services (ICWS 2005), pp. 561–569. IEEE Press, New York (2005)
Shen, H.B., Hong, F.: An attribute-based access control model for web services. In: The Seventh International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT 2006), pp. 74–79. IEEE Press, New York (2006)
Michael, J.C., Manoj, R.S.: A contextual attribute-based access control model. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4278, pp. 1996–2006. Springer, Heidelberg (2006)
Toninelli, A., Montanari, R., Kagal, L., Lassila, O.: A semantic context-aware access control framework for secure collaborations in pervasive computing environments. In: The 5th International Semantic Web Conference on Collaborations in Pervasive Computing Environments, pp. 5–9. ACM Press, New York (2006)
Naumenko, A., Srirama, S., Terziyan, V.: Semantic authorization of mobile web services. Journal of Theoretical and Applied Electronic Commerce Research 1(1), 1–15 (2006)
Liu, M., Xie, D.Q., Li, P.: Semantic access control for web services. In: the International Conference on Networks Security, Wireless Communications and Trusted Computing (NSWCTC 2009), pp. 55–58. IEEE Press, New York (2009)
He, Z.Q., Huang, K.Y., Wu, L.F.: Using semantic Web techniques to implement access control for web service. In: The International Conference on Information Computing and Applications (ICICA 2010) 2010, pp. 258–266. IEEE Press, New York (2010)
Chen, H., Finin, T., Joshi, A.: An ontology for context-aware pervasive computing environments. Special Issue on Ontologies for Distributed Systems, Knowledge Engineering Review 18(3), 197–207 (2004)
Shen, H.B., Cheng, Y.: A semantic-aware context-based access control framework for mobile web services. In: The 3rd International Conference on Networks Security, Wireless Communications and Trusted Computing, NSWCTC 2011 (2011) (in press)
SPARQL Query Language for RDF (2008), http://www.w3.org/TR/rdf-sparql-query/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shen, H., Cheng, Y. (2011). A Context-Aware Semantic-Based Access Control Model for Mobile Web Services. In: Shen, G., Huang, X. (eds) Advanced Research on Computer Science and Information Engineering. CSIE 2011. Communications in Computer and Information Science, vol 153. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21411-0_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-21411-0_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21410-3
Online ISBN: 978-3-642-21411-0
eBook Packages: Computer ScienceComputer Science (R0)