An architecture for specification and enforcement of temporal access control constraints using OWL

摘要

The Semantic Web is an extension of the World Wide Web that has been growing in recent years. One important issue in the Semantic Web environment is access control. Integrating Role-Based Access Control (RBAC) models, which have been accepted as a powerful approach to security management, with the Semantic Web helps to reduce the complexity of Web security management. The Generalized Temporal RBAC (GTRBAC) model combines the key features of the RBAC model with a temporal framework to address situations where processes and functions may have limited time spans or periodic temporal durations, and it is useful for applications with inherent temporal semantics such as workflow-based systems. There have been several attempts to adopt basic components of the RBAC to the Semantic Web using Web Ontology Language (OWL). In this paper, we show how to model temporal constraints and restrictions in GTRBAC using OWL. In order to do this, we define OWL ontologies that represent temporal constraints in GTRBACand describe implementation of a scalable architecture for specification and enforcement of GTRBAC policies. The applicability of the represented model is shown using a running example.