Ontology-based Access Control Management: Two Use Cases

Malik Imran-Daud, David Sanchez, Alexandre Viejo


Access control management is an important area of research within the security field. Several models have been proposed to manage users' access rights over restricted resources; most are based on defining rules between specific entities and concrete resources. Although these approaches suffice for organizations with a limited number of entities and resources, specifying rules or constraints for large and heterogeneous scenarios can place a considerable burden on administrators. To alleviate this problem, we propose a generic ontology-based solution for access control management that can greatly simplify and speed up the definition of rules in complex scenarios and can also improve interoperability between heterogeneous settings. Moreover, we show its potential by applying it to two large and highly dynamic scenarios: Online Social Networks (OSNs) and the Cloud.



Paper Citation

in Harvard Style

Imran-Daud M., Sanchez D. and Viejo A. (2016). Ontology-based Access Control Management: Two Use Cases. In Proceedings of the 8th International Conference on Agents and Artificial Intelligence - Volume 1: ICAART, ISBN 978-989-758-172-4, pages 244-249. DOI: 10.5220/0005777902440249
