https://orcid.org/0000-0001-9269-4684
![Sample our Engineering & Technology journals, sign in here to start your access, latest two full volumes FREE to you for 14 days]({"type":"image" , "src" : "/sda/5933/TOC-Subject-Sample-2021-Engineering-Tech.jpg"})
ABSTRACT
Organisations interact with each other for mutual benefits. Federation refers to one such interaction where each organisation functions independently yet is bound by contracts with others. Rural business process outsourcing (RBPO), multi-institution course management system, and video streaming services are a few examples of federations. Security of shared resources is an important concern in such scenarios. Since each organisation is independent, it is difficult to communicate the precise semantics of access control policies to other participating organisations for correct enforcement. Over the years, ontology has been employed across different domains and can be used for sharing access control semantics across organisations. In this work, we describe a network-aware digital object-based access control model (NA-DOBAM) as an extension of the popular role-based access control model to address the specific needs of security in federations. The relationship between web ontology language and NA-DOBAM model is studied. We have used an ontology-based approach for specification and implementation of NA-DOBAM in the context of RBPO where the access control policy depends on the structure of the users and objects along with the network state. We demonstrate the applicability of ontology for RBPO case studies for extracting meaningful access control information using queries as well as for enforcing access control policies including separation of duty and delegation.
ACKNOWLEDGEMENTS
The first author would like to acknowledge the support provided by Indian Institute of Technology, Mandi where most part of this research was carried out.
DISCLOSURE STATEMENT
No potential conflict of interest was reported by the authors.
Additional information
Notes on contributors
Reena Singh
Reena Singh is currently working as an Assistant Professor at MIT, Manipal. She received PhD in computer science from School of Computing and Electrical Engineering (SCEE), Indian Institute of Technology Mandi, India in 2017. She has received MTech degree in computer science in 2009 and BE degree in computer science & engineering in 2007. Her research interests include access control, distributed applications, security and computer networks.
T. A. Gonsalves
T A Gonsalves received PhD in electrical engineering from Stanford University in 1986. He is currently the Director of Indian Institute of Technology Mandi and a professor in School of Computing and Electrical Engineering (SCEE), Indian Institute of Technology Mandi. His research interests are distributed applications, quality of service, network protocols and mobile/voice-based applications. He has guided/co-guided 4 PhD and 30+ MS theses, and 100+ MTech/BTech projects. Working in the areas of Networking and Distributed Applications, he has published over 50 papers in journals and conference proceedings, and 2 chapters in books. He is a member of IEEE, CSI and senior member of ACM. Email: [email protected]