Title: Creating and enforcing access control policies using description logic techniques

Authors: Brian Shields, Owen Molloy

Addresses: Department of Information Technology, National University of Ireland, University Road, Galway, Ireland. ' Department of Information Technology, National University of Ireland, University Road, Galway, Ireland

Abstract: The quantity of generated information we store and need to access is colossal. Security of this information is becoming an issue of greater importance as the techniques and granularity with which it can be accessed become more advanced. Availability of information is a key component of any security system, although the information must be protected, it must also be available to the people who need it as and when they request it. However, increasing the methods by which it is accessible automatically increases the chance it maybe compromised. Security systems are now using advanced levels of encryption, digital signatures containing biometric data and highly complex access control policies. We are proposing an access control system which reduces the complexity involved in defining authorisation permissions, particularly in structured documents such as XML where the user may be granted restricted access. Our solution employs techniques usually reserved for intelligent systems and the semantic web.

Keywords: access control; description logic; rules; information security; authorisation permission; structured documents; XML documents.

DOI: 10.1504/IJITST.2011.041295

International Journal of Internet Technology and Secured Transactions, 2011 Vol.3 No.3, pp.253 - 278

Received: 02 Nov 2008
Accepted: 28 Mar 2009
Published online: 29 Nov 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article