A Framework for Situation-Aware Access Control in Federated Data-as-a-Service Systems Based on Query Rewriting

Thumbnail Image

Files

1036.pdf (653.33 KB)

Links to Files

https://ebiquity.umbc.edu/paper/html/id/947/A-Framework-for-Situation-Aware-Access-Control-in-Federated-Data-as-a-Service-Systems-Based-on-Query-Rewriting

Permanent Link

http://hdl.handle.net/11603/19714

Collections

UMBC Information Systems Department
UMBC Faculty Collection
UMBC Student Collection

Author/Creator

Author/Creator ORCID

Date

2020-10-19

Type of Work

conference proceeding prepints
Text

Department

Program

Citation of Original Publication

Samson Oni, Zhiyuan Chen, Adina Crainiceanu, Karuna Pande Joshi, and Don Needham, A Framework for Situation-Aware Access Control in Federated Data-as-a-Service Systems Based on Query Rewriting, IEEE International Conference on Services Computing (IEEE SCC), 2020

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
Public Domain Mark 1.0
This work was written as part of one of the author's official duties as an Employee of the United States Government and is therefore a work of the United States Government. In accordance with 17 U.S.C. 105, no copyright protection is available for such works under U.S. Law.

Subjects

Abstract

Organizations often need to share mission dependent data in a secure and flexible way. Examples include contact tracing for a contagious disease such as COVID-19, maritime search and rescue operations, or creating a collaborative bid for a contract. In such examples, the ability to access data may need to change dynamically, depending on the situation of a mission (e.g., whether a person tested positive for a disease, a ship is in distress, or a bid offer with given properties needs to be created). We present a novel framework to enable situation-aware access control in a federated Data-as a- Service architecture by using semantic web technologies. Our framework allows distributed query rewriting and semantic reasoning that automatically adds situation based constraints to ensure that users can only see results that they are allowed to access. We have validated our framework by applying it to two dynamic use cases: maritime search and rescue operations and contact tracing for surveillance of a contagious disease. This paper details our implemented solution and experimental results of the two use cases. Our framework can be adopted by organizations that need to share sensitive data securely during dynamic, limited duration scenarios.