Context-Aware Access Control with Imprecise Context Characterization Through a Combined Fuzzy Logic and Ontology-Based Approach

  • Conference paper
On the Move to Meaningful Internet Systems. OTM 2017 Conferences (OTM 2017)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 10573)

Abstract

Context information plays a crucial role in dynamically changing environments, and the different types of contextual conditions bring new challenges to access control. Most of this information can be derived from crisp sets. For example, we can use a crisp set to determine whether or not a patient and a nurse are co-located in the general ward of the hospital. Some context information cannot be characterized using crisp sets, yet it is equally important for making access control decisions. For example, a patient's current health status being "critical" or "high critical" is an imprecise fuzzy fact, whereas "95% level of maximum blood pressure allowed" is precise. Thus, there is a growing need to integrate these kinds of fuzzy and other conditions in order to appropriately control context-specific access to information resources at different granularity levels. Towards this goal, this paper introduces an approach to Context-Aware Access Control using Fuzzy logic (FCAAC) for information resources. It includes a formal context model to represent the fuzzy and other contextual conditions, and a formal policy model to specify policies that use these conditions. Using our formal approach, we combine the fuzzy model with an ontology-based approach that captures such contextual conditions and incorporates them into the policies, utilizing ontology languages and fuzzy logic-based reasoning. We justify the feasibility of our approach by demonstrating its practicality through a prototype implementation and a healthcare case study, and by evaluating its performance in terms of response time.
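To make the distinction in the abstract concrete, the following added example (not code from the paper or its prototype) combines a crisp co-location condition with fuzzy "critical" and "high critical" health-status conditions in one access decision. The membership breakpoints, the 0.5 threshold, the resource names and all function names are assumptions chosen for illustration.

```python
from dataclasses import dataclass

def ramp(x, lo, hi):
    """Degree rising linearly from 0 at lo to 1 at hi, clamped to [0, 1]."""
    return max(0.0, min(1.0, (x - lo) / (hi - lo)))

# Constructed fuzzy sets over blood pressure as % of the maximum allowed.
# Breakpoints are illustrative assumptions, not values from the paper.
def mu_critical(bp_pct):
    return min(ramp(bp_pct, 80, 90), 1.0 - ramp(bp_pct, 95, 100))

def mu_high_critical(bp_pct):
    return ramp(bp_pct, 95, 100)

@dataclass
class Context:
    nurse_location: str
    patient_location: str
    bp_pct: float  # patient's blood pressure, % of maximum allowed

def co_located(ctx):
    """Crisp condition: either true or false, no degree."""
    return ctx.nurse_location == ctx.patient_location

# Hypothetical policy, most sensitive resource first:
# (resource granularity level, fuzzy condition, minimum degree required)
POLICY = [
    ("emergency_records", mu_high_critical, 0.5),
    ("daily_records", mu_critical, 0.5),
]

def decide(ctx):
    """Return (resource, degree) granted to the nurse, or (None, 0.0) to deny."""
    if not co_located(ctx):  # crisp condition gates every rule
        return (None, 0.0)
    for resource, mu, threshold in POLICY:
        degree = mu(ctx.bp_pct)
        if degree >= threshold:
            return (resource, degree)
    return (None, 0.0)  # default deny when no fuzzy condition holds strongly enough

if __name__ == "__main__":
    for bp in (84, 92, 99):  # constructed sample readings
        print(bp, decide(Context("general_ward", "general_ward", bp)))
    print(decide(Context("corridor", "general_ward", 99)))
```

The decision fails closed: a request is denied whenever the crisp condition is false, however high the fuzzy degree is, and whenever no fuzzy condition reaches its threshold.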

Author information

Correspondence to A. S. M. Kayes.

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Kayes, A.S.M., Rahayu, W., Dillon, T., Chang, E., Han, J. (2017). Context-Aware Access Control with Imprecise Context Characterization Through a Combined Fuzzy Logic and Ontology-Based Approach. In: Panetto, H., et al. On the Move to Meaningful Internet Systems. OTM 2017 Conferences. OTM 2017. Lecture Notes in Computer Science, vol 10573. Springer, Cham. https://doi.org/10.1007/978-3-319-69462-7_10

  • DOI: https://doi.org/10.1007/978-3-319-69462-7_10

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-69461-0

  • Online ISBN: 978-3-319-69462-7

  • eBook Packages: Computer Science, Computer Science (R0)
