ISSN : 1796-217X
Volume : 2    Issue : 1    Date : February 2007

Supporting Attribute-based Access Control in Authorization and Authentication Infrastructures with Ontologies
Torsten Priebe, Wolfgang Dobmeier, Christian Schläger, and Nora Kamprath
Page(s): 27-38

In highly open systems like the Internet, attribute-based access control (ABAC) has proven its
appropriateness. This is reflected in the utilization of ABAC in authentication and authorization
infrastructures (AAIs). However, specification and maintenance of ABAC policies have turned out to
be complex and error-prone even in federations of limited size, especially if heterogeneous attribute
schemes are involved. Here, the arising Semantic Web can contribute to a solution. This paper
describes an architecture for embedding the access control process into a semantic context
employing external knowledge in the form of ontologies. We base our proposal on extensions of
established open standards. Using the approach presented, policy management at the different
sites of a federation is simplified by a semantic attribute management facility.

Index Terms
Security, attribute-based access control, authorization and authentication infrastructures