Abstract
The Semantic Web aims at enabling sophisticated and autonomic machine to machine interactions without human intervention, by providing machines not only with data but also with its meaning (semantics). In this setting, traditional security mechanisms are not suitable anymore. For example, identity-based access control assumes that parties are known in advance. Then, a machine first determines the identity of the requester in order to either grant or deny access, depending on its associated information (e.g., by looking up its set of permissions). In the Semantic Web, any two strangers can interact with each other automatically and therefore this assumption does not hold. Hence, a semantically enriched process is required in order to regulate an automatic access to sensitive information. Policy-based access control provide sophisticated means in order to support protecting sensitive resources and information disclosure. This chapter provides an introduction to policy-based security and privacy protection, by analyzing several existing policy languages. Furthermore, it shows how these languages can be used in a number of Semantic Web scenarios.

URL:
http://rewerse.net/publications/rewerse-publications.html#REWERSE-RP-2007-060

BibTeX:

@article{REWERSE-RP-2007-060,
	author = {Daniel Olmedilla},
	title = {Security and Privacy on the Semantic Web},
	journal = {},
	year = {2007},
	pages = {399--415},
	url = {http://rewerse.net/publications/rewerse-publications.html#REWERSE-RP-2007-060}
}