Extending context descriptions in semantics-aware access control

E. Damiani, S. De Capitani di Vimercati, C. Fugazza, P. Samarati

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Scopus citations


Security is a crucial concern for commercial and mission critical applications in Web-based environments. In our model, context information associated with Access Control management policies is defined according to basic operators that can be represented using the Web Ontology Language. Standard inference procedures of Description Logics are being used to check the consistency of context information referred to by policy conditions and, more interestingly, to pre-process context information for grounding policy propagation and enabling conflict resolution. In this paper, we extend the model to encompass part-of relations between entities in context descriptions and, consequently, revise the policy propagation criteria being applied to the model to take into account the newly introduced relations. Finally, we exemplify modality conflicts arising from part-of relations, a category of extensional conflicts (i.e., inconsistencies related to individuals) that cannot be foreseen by looking at the terminology underlying context information.

Original languageBritish English
Title of host publicationInformation Systems Security - 2nd International Conference, ICISS 2006, Proceedings
EditorsAditya Bagchi, Vijayalakshmi Atluri
PublisherSpringer Verlag
Number of pages15
ISBN (Print)9783540689621
StatePublished - 2006
Event2nd International Conference on Information Systems Security, ICISS 2006 - Kolkata, India
Duration: 19 Dec 200621 Dec 2006

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4332 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference2nd International Conference on Information Systems Security, ICISS 2006


Dive into the research topics of 'Extending context descriptions in semantics-aware access control'. Together they form a unique fingerprint.

Cite this