Tags:Access Control, Explainability, Inconsistency and Ontology
Abstract:
The development of secure and efficient solutions for access control is an important issue in a variety of applications. One of the main challenges is to avoid situations that make access control decision-making impossible. However, avoiding such situations hampers the evolution of the model, as it means either adding a large set of constraints or dealing with each conflict situation apart using priorities. It is, therefore, important to use methods that deal with conflicts as they arise while providing explanations of the decision taken. In this work, we develop an ontology to manage dynamic and abstract access control rules based on the OrBAC (Organization Based Access Control) model and integrate an ordering relation over any instance of the ontology. Our method takes advantage of the application of inconsistency-tolerant semantics to resolve conflicts and generate explanations for transparency and trust in decisions made. Our results show that the approach efficiently preserves the consistency of the decision taken and provides potentially useful and human-friendly explanations.
An Ontology-Based Approach for Handling Inconsistency in Explainable and Prioritized Access Control Models