Abstract
In recent years, Access Control became an important issue, as organizations are required to manage the confidentiality of the data they maintain. To the end, organizations need to define their policies regarding access to data. One of the interesting challenges in this context is how to represent the
required knowledge for these data-access policies. One of the common techniques for representing knowledge is using an Ontology, in particular, we observe the progressively use of Web Ontology Language (OWL). As a result, a requirement for a methodology that will assist developers to build valuable ontologies arises.
In this paper we define a set of twelve valuable criteria for ontologies, based on a literature search. The set of criteria include six criteria that are inherent to an ontology (e.g., reflection of reality and structure and uniformity). Six other criteria are derived from the ontology's usage (e.g., non-redundancy and consistency).
We then examine the proposed criteria against an ontology that we previously introduced - Situation-Based Access Control (SitBAC) OWL ontology. SitBAC ontology is used for representing access-control policies for electronic medical records, where health organizations can specify their access
regulations to patients’ data according to the context of the request. On top of the SitBAC ontology, we provide an associated reasoning-based inference method, for real time reasoning about new incoming data-access requests.
required knowledge for these data-access policies. One of the common techniques for representing knowledge is using an Ontology, in particular, we observe the progressively use of Web Ontology Language (OWL). As a result, a requirement for a methodology that will assist developers to build valuable ontologies arises.
In this paper we define a set of twelve valuable criteria for ontologies, based on a literature search. The set of criteria include six criteria that are inherent to an ontology (e.g., reflection of reality and structure and uniformity). Six other criteria are derived from the ontology's usage (e.g., non-redundancy and consistency).
We then examine the proposed criteria against an ontology that we previously introduced - Situation-Based Access Control (SitBAC) OWL ontology. SitBAC ontology is used for representing access-control policies for electronic medical records, where health organizations can specify their access
regulations to patients’ data according to the context of the request. On top of the SitBAC ontology, we provide an associated reasoning-based inference method, for real time reasoning about new incoming data-access requests.
Original language | English |
---|---|
Title of host publication | 6th Mediterranean Conference on Information Systems, IS |
Subtitle of host publication | Crossroads of Technology, People, Organizations and Markets |
Number of pages | 13 |
State | Published - 2011 |