Ontology-based Access Control Management: Two Use Cases

Access control management is an important area of research within the security field. Several models have been proposed to manage the access rights of users over restricted resources, which are mainly based on defining rules between specific entities and concrete resources. Though these approaches are enough to manage organizations involving a limited number of entities and resources, the specification of rules or constraints for large and heterogeneous scenarios may imply a considerable burden to the administrators. To palliate this problem, we propose a generic ontology-based solution to manage the access control that can greatly simplify and speed up the definition of rules in complex scenarios and that can also improve the interoperability between heterogeneous settings. Moreover, we show its potential by applying it in two highly dynamic and large scenarios, i.e., Online Social Networks (OSNs) and the Cloud.