Towards Integrating Attribute-Based Access Control into Ontologies

Access control is a security technique that specifies which users can access particular resources in a computing environment. Over the years, numerous access control models have been developed to address various aspects of computer security. In this paper, we focus on a modern approach, attribute-based access control (ABAC), which has been proposed in order to overcome limitations of traditional models: discretionary access control (DAC), mandatory access control (MAC) and role-based access control (RBAC). The work on integrating access control mechanisms in semantic web technologies is developing into two directions: (1) to use semantic web technologies for modeling and analyzing access control policies and (2) to protect knowledge encoded in an ontology. In this paper we focus on the first issue and investigate how ABAC can be integrated into ontology languages.