Query-Based Access Control for Ontologies
From International Center for Computational Logic
Query-Based Access Control for Ontologies
Martin KnechtelMartin Knechtel, Heiner StuckenschmidtHeiner Stuckenschmidt
Martin Knechtel, Heiner Stuckenschmidt
Query-Based Access Control for Ontologies
In P. Hitzler and T. Lukasiewicz, eds., Proceedings of the 4th International Conference on Web Reasoning and Rule Systems (RR 2010), volume 6333 of Lecture Notes in Computer Science, 73-87, 2010
Query-Based Access Control for Ontologies
In P. Hitzler and T. Lukasiewicz, eds., Proceedings of the 4th International Conference on Web Reasoning and Rule Systems (RR 2010), volume 6333 of Lecture Notes in Computer Science, 73-87, 2010
- KurzfassungAbstract
Role-based access control is a standard mechanism in information systems. Based on the role a user has, certain information is kept from the user even if requested. For ontologies representing knowledge, deciding what can be told to a user without revealing secrets is more difficult as the user might be able to infer secret knowledge using logical reasoning. In this paper, we present two approaches to solving this problem: query rewriting vs. axiom filtering, and show that while both approaches prevent the unveiling of secret knowledge, axiom filtering is more complete in the sense that it does not suppress knowledge the user is allowed to see while this happens frequently in query rewriting. Axiom filtering requires that each axiom carries a label representing its access level. We present methods to find an optimal axiom labeling to enforce query-based access restrictions and report experiments on real world data showing that a significant number of results are retained using the axiom filtering method. - Forschungsgruppe:Research Group: AutomatentheorieAutomata Theory
@inproceedings{ KnSt-RR-10,
author = {Martin {Knechtel} and Heiner {Stuckenschmidt}},
booktitle = {Proceedings of the 4th International Conference on Web Reasoning and Rule Systems (RR 2010)},
editor = {P. {Hitzler} and T. {Lukasiewicz}},
pages = {73--87},
series = {Lecture Notes in Computer Science},
title = {Query-Based Access Control for Ontologies},
volume = {6333},
year = {2010},
}