查看文章

The main idea of Semantic Web is creating web pages which are also understood by machines and using ontologies to unify data. Improving a secure Semantic Web is one of the main works in Semantic Web research area. For this purpose, policies are used. Policy is a set of rules and provides an access control mechanism for a resource without making any change in that resource. Policy management in Semantic Web is used to define rules for accessing a resource and to provide users to interpret and comply with these rules. One of the key features to develop successful personalized Semantic Web applications is to build user profiles. In this paper, we developed an Ontology-Based Access Control (OBAC) model. This model represents domain and profile information semantically and has a profile based policy approach in order to achieve a personalized policy management for Semantic Web. We store personal information in profiles and model this information semantically to make it part of access control model. Thus, we created two kinds of policies: domain and profile based policies. We implemented an Ontology-Based Access Control application which creates, modifies, and deletes policy ontologies. Policy conflicts are also resolved to provide fine-grained policies in OBAC model. The main contributions of this work are: defining semantically rich resource and entity policies for an OntologyBased Access Control mechanism and making use of these policies in terms of the personalization scope.