Towards a fine-grained access control model and mechanisms for semantic databases

Abstract

A growing number of domains are adopting semantic models as a centralized gateway to heterogeneous data sources, or directly for modeling and managing relevant information. In such contexts, it is crucial to grant access to the semantic model and its data only to the authorized users. In this paper, we present a fine-grained access control model specifically tailored to semantic models. One of the relevant features of the model is the granularity of the resources that can be protected. Access control can be enforced at the level of both the model's concepts and the concepts ' instances by means of a query rewriting strategy. The proposed model has been implemented adopting the XACML standard and the SeRQL query language; services exposed by the implementation can be used to transparetly integrate authorization into existing systems. © 2007 IEEE.