Resolving authorization conflicts by ontology views for controlled access to a digital library

2015 ◽  
Vol 19 (1) ◽  
pp. 45-59 ◽  
Author(s):  
Subhasis Dasgupta ◽  
Pinakpani Pal ◽  
Chandan Mazumdar ◽  
Aditya Bagchi
Keyword(s):  
Access Control ◽  
Digital Library ◽  
Digital Libraries ◽  
Web Applications ◽  
Control Model ◽  
Access Control Model ◽  
Content Type ◽  
Proposed Model ◽  
Ontology Structure ◽  
Subject Areas

Purpose – This paper provides a new Digital Library architecture that supports polyhierarchic ontology structure where a child concept representing an interdisciplinary subject area can have multiple parent concepts. The paper further proposes an access control mechanism for controlled access to different concepts by different users depending on the authorizations available to each such user. The proposed model thus provides a better knowledge representation and faster searching possibility of documents for modern Digital Libraries with controlled access to the system. Design/methodology/approach – Since the proposed Digital Library Architecture considers polyhierarchy, the underlying hierarchical structure becomes a Directed Acyclic Graph instead of a tree. A new access control model has been developed for such a polyhierarchic ontology structure. It has been shown that such model may give rise to undecidability problem. A client specific view generation mechanism has been developed to solve the problem. Findings – The paper has three major contributions. First, it provides better knowledge representation for present-day digital libraries, as new interdisciplinary subject areas are getting introduced. Concepts representing interdisciplinary subject areas will have multiple parents, and consequently, the library ontology introduces a new set of nodes representing document classes. This concept also provides faster search mechanism. Secondly, a new access control model has been introduced for the ontology structure where a user gets authorizations to access a concept node only if its credential supports it. Lastly, a client-based view generation algorithm has been developed so that a client’s access remains limited to its view and avoids any possibility of undecidability in authorization specification. Research limitations/implications – The proposed model, in its present form, supports only read and browse facilities. It would later be extended for addition and update of documents. Moreover, the paper explains the model in a single user environment. It will be augmented later to consider simultaneous access from multiple users. Practical implications – The paper emphasizes the need for changing the present digital library ontology to a polyhierarchic structure to provide proper representation of knowledge related to the concepts covering interdisciplinary subject areas. Possible implementation strategies have also been mentioned. This design method can also be extended for other semantic web applications. Originality/value – This paper offers a new knowledge management strategy to cover the gradual proliferation of interdisciplinary subject areas along with a suitable access control model for a digital library ontology. This methodology can also be extended for other semantic web applications.

scholarly journals A New Scalable and Expandable Access Control Model for Distributed Database Systems in Data Security

2020 ◽  
Vol 2020 ◽  
pp. 1-10
Author(s):  
Mehmet Guclu ◽  
Cigdem Bakir ◽  
Veli Hakkoymaz
Keyword(s):  
Access Control ◽  
Database Systems ◽  
Distributed Database ◽  
Control Model ◽  
Access Control Model ◽  
Distributed Database Systems ◽  
Access Control Models ◽  
Control Models ◽  
Proposed Model ◽  
Private Network

Access control models are an important tool developed for securing today’s data systems. Institutions use the access control models specifically to define who their employees are, what they can do, which resources they can reach, and which processes they can perform and use them to manage the whole process. This is a very hard and costly process for institutions with distributed database systems. However, access control models cannot be implemented in a qualified way due to the fact that the conditions for defining users’ demands to reach resources distributed on different servers, one of which is consequentially bound to the other, the verification and authorization of those user demands, and being able to monitor the actions of the users cannot be configured in an efficient way all the time. With our model suggested in this study, the aim is to automatically calculate the permissions and access levels of all users defined in the distributed database systems for the objects, and, in this way, we will reach a more efficient decision as to which objects the users can access while preventing their access to the information they do not need. Our proposed model in this study has been applied to real life data clusters from organizations providing health and education services and a public service. With the proposed model, all models have been run on servers sharing resources in a private network. The performance of the proposed model has been compared to that of traditional access models. It was confirmed that the proposed model presented an access control model providing more accurate access level results as well as being scalable to many distributed database systems.

Parallel Access Control Model in Cross-Domain Grid Computing Environment

2018 ◽  
Vol 9 (1) ◽  
pp. 50-65
Author(s):  
Sarra Namane ◽  
Nassira Ghoualmi
Keyword(s):  
Access Control ◽  
Grid Computing ◽  
Control Model ◽  
Security Requirements ◽  
Access Control Model ◽  
Cross Domain ◽  
Proposed Model ◽  
Security Challenges ◽  
Role Mapping ◽  
Parallel Access

Despite the various attractive features that grid computing has to offer, it has many great security challenges, such as access control. With the expansion of the network scale, a large number of authorization requests have to be treated; on the other hand, the multi-domain nature of grid computing generates difficult to manage questions about cross-domain access control, and a variety of solutions use the role mapping mechanism to allow collaborations between domains. But this mechanism gives a potential risk of violating consistency properties of domains. This article aims to address this issue and proposes a parallel access control model in cross-domain grid computing architecture to be more convenient to the security requirements of the multi-domain environment. Finally, as a proof of concept, the authors implement a cross-domain and parallel authorization simulator (CD-PAS) where experiments are done. The obtained results show that the proposed model is sensitive to the number of authorization requests. In addition, it can effectively reduce the execution time of access control mechanism.

Semantic Web and ontology-based applications for digital libraries

2018 ◽  
Vol 36 (5) ◽  
pp. 826-841 ◽  
Author(s):  
Shakeel Ahmad Khan ◽  
Rubina Bhatti
Keyword(s):  
Semantic Web ◽  
Digital Library ◽  
Digital Libraries ◽  
Information Needs ◽  
Web Applications ◽  
Library Services ◽  
Semantic Web Technologies ◽  
Content Type ◽  
Web Technologies ◽  
Practical Implications

Purpose The purpose of this paper is to explore useful Semantic Web technologies and ontology-based applications for digital libraries. It also investigates the perceptions of university librarians and academicians in Pakistan about Semantic Web technologies and their use in digital libraries. Design/methodology/approach An exploratory research design based on Delphi research strategy was conducted to answer the research questions. Interviews were conducted with a purposive sample of 50 key informants including university librarians and academicians to explore their perceptions about Semantic Web technologies and their use in digital libraries. Thematic analysis of interview data was conducted to obtain results. Findings The results of this paper showed that DuraCloud, Semantic information mashup, OntoEdit and resource description framework (RDF) are the various Semantic Web applications which are useful for digital libraries to develop semantic relationships among digital contents and increase their accessibility in the web environment. Findings revealed that Semantic Web provides precise results and meets user information needs in an effective way. Results also showed that next-generation digital libraries use context-awareness technology, intelligent agent software and detecting sensors to analyze user information needs and provide dynamic information services. This paper recommended that librarians should embrace the use of emerging web technologies in libraries and offer library services through the medium of the web. Practical implications This paper envisaged the future of digital library services and Semantic Web applications that can be used to re-structure metadata of digital library. This paper has practical implications for librarians to consider the useful applications of Semantic Web for digital library and enhance the interoperability of metadata among heterogeneous information systems. Practically, results obtained from this paper are highly useful for library schools and LIS teachers to up-date their curriculum by incorporating new contents related to web languages and Semantic Web applications for digital libraries. Originality/value This paper identifies various Semantic Web applications which are useful for developing Semantic Digital Libraries.

scholarly journals An Algebraic Model to Analyze Role-Based Access Control Policies

2018 ◽  
Vol 12 (10) ◽  
pp. 50
Author(s):  
Khair Eddin Sabri
Keyword(s):  
Access Control ◽  
Algebraic Model ◽  
Control Model ◽  
Role Based Access Control ◽  
Access Control Model ◽  
Prototype Tool ◽  
Access Control Policies ◽  
Proposed Model ◽  
Access Information ◽  
Role Based

Role-Based Access Control (RBAC) is a well known access control model used to preserve the confidentiality of information by specifying the ability of users to access information based on their roles. Usually these policies would be manipulated by combining or comparing them especially when defined in a distributed way. Furthermore, these policies should satisfy predefined authorization constraints. In this paper, we present an algebraic model for specifying and analyzing RBAC policies. The proposed model enables us to specify policies and verify the satisfaction of predefined authorization constraints. Furthermore, the model allows us to combine policies and analyze their effect on predefined constraints. The model consists of few operators that give simplicity in specifying polices. We present a prototype tool used for facilitating the analysis.

scholarly journals A Watermark-Based in-Situ Access Control Model for Image Big Data

2018 ◽  
Vol 10 (8) ◽  
pp. 69 ◽  
Author(s):  
Jinyi Guo ◽  
Wei Ren ◽  
Yi Ren ◽  
Tianqin Zhu
Keyword(s):  
Big Data ◽  
Access Control ◽  
Control Model ◽  
Single Image ◽  
Access Control Model ◽  
Control Policies ◽  
Fine Grained ◽  
Access Control Policies ◽  
Proposed Model

When large images are used for big data analysis, they impose new challenges in protecting image privacy. For example, a geographic image may consist of several sensitive areas or layers. When it is uploaded into servers, the image will be accessed by diverse subjects. Traditional access control methods regulate access privileges to a single image, and their access control strategies are stored in servers, which imposes two shortcomings: (1) fine-grained access control is not guaranteed for areas/layers in a single image that need to maintain secret for different roles; and (2) access control policies that are stored in servers suffers from multiple attacks (e.g., transferring attacks). In this paper, we propose a novel watermark-based access control model in which access control policies are associated with objects being accessed (called an in-situ model). The proposed model integrates access control policies as watermarks within images, without relying on the availability of servers or connecting networks. The access control for images is still maintained even though images are redistributed again to further subjects. Therefore, access control policies can be delivered together with the big data of images. Moreover, we propose a hierarchical key-role-area model for fine-grained encryption, especially for large size images such as geographic maps. The extensive analysis justifies the security and performance of the proposed model

Sign in / Sign up

Export Citation Format

Share Document