Semantics-aware security policy specification for the semantic web data

Research output: Contribution to journalArticlepeer-review

5 Scopus citations


The semantic web has been envisioned as a machine-interpretable web, where data instances are described through concepts defined and related in ontologies. Though ontologies are publicly available as a crucial component of the semantic web infrastructure, many data instances are sensitive and should be kept confidential. Sensitive information can be illegally inferred from other seemingly unclassified information in combination with the underlying data semantics and interrelationships revealed by ontologies. In other words, the visibility of ontologies can pose inference threats to the security of data instances, and this requires that security policies be specified in such a way that the semantic relationships among data instances are taken into account. To protect the semantic web data or other semantics-rich data, this paper presents semantics-aware security policy specification. We propose concept-level, association-level and property-level access control models for different security objects, and that authorisations be propagated based on different inference patterns. These propagation policies can be used to generate safe and consistent access control authorisations.

Original languageEnglish (US)
Pages (from-to)52-75
Number of pages24
JournalInternational Journal of Information and Computer Security
Issue number1
StatePublished - Feb 2010

All Science Journal Classification (ASJC) codes

  • Software
  • Safety, Risk, Reliability and Quality
  • Hardware and Architecture
  • Computer Networks and Communications


  • Access control
  • Inference problem
  • Information security
  • Ontologies
  • Semantic web
  • Semantics

Fingerprint Dive into the research topics of 'Semantics-aware security policy specification for the semantic web data'. Together they form a unique fingerprint.

Cite this