Ontology-based Access Control for FAIR Data

Christopher Brewster; Barry Nouwt; Stephan Raaijmakers; Jack Verhoosel

doi:10.1162/dint_a_00029

Ontology-based Access Control for FAIR Data

Christopher Brewster^*, Barry Nouwt, Stephan Raaijmakers, Jack Verhoosel

^*Corresponding author for this work

Research output: Contribution to journal › Article › Academic › peer-review

Abstract

This paper focuses on fine-grained, secure access to FAIR data, for which we propose ontology-based data access policies. These policies take into account both the FAIR aspects of the data relevant to access (such as provenance and licence), expressed as metadata, and additional metadata describing users. With this tripartite approach (data, associated metadata expressing FAIR information, and additional metadata about users), secure and controlled access to object data can be obtained. This yields a security dimension to the "A" (accessible) in FAIR, which is clearly needed in domains like security and intelligence. These domains need data to be shared under tight controls, with widely varying individual access rights. In this paper, we propose an approach called Ontology-Based Access Control (OBAC), which utilizes concepts and relations from a data set's domain ontology. We argue that ontology-based access policies contribute to data reusability and can be reconciled with privacy-aware data access policies. We illustrate our OBAC approach through a proof-of-concept and propose that OBAC to be adopted as a best practice for access management of FAIR data.

Original language	English
Pages (from-to)	66-77
Number of pages	12
Journal	Data Intelligence
Volume	2
Issue number	1-2
DOIs	https://doi.org/10.1162/dint_a_00029
Publication status	Published - 1 Jan 2020

Keywords

Access control
Semantic technology
Ontology
Security
FAIR

Access to Document

10.1162/dint_a_00029Licence: CC BY

https://www.mitpressjournals.org/doi/abs/10.1162/dint_a_00029

Cite this

@article{ca41a65ff8c04d6f8fb6715774bc86b5,

title = "Ontology-based Access Control for FAIR Data",

abstract = "This paper focuses on fine-grained, secure access to FAIR data, for which we propose ontology-based data access policies. These policies take into account both the FAIR aspects of the data relevant to access (such as provenance and licence), expressed as metadata, and additional metadata describing users. With this tripartite approach (data, associated metadata expressing FAIR information, and additional metadata about users), secure and controlled access to object data can be obtained. This yields a security dimension to the {"}A{"} (accessible) in FAIR, which is clearly needed in domains like security and intelligence. These domains need data to be shared under tight controls, with widely varying individual access rights. In this paper, we propose an approach called Ontology-Based Access Control (OBAC), which utilizes concepts and relations from a data set's domain ontology. We argue that ontology-based access policies contribute to data reusability and can be reconciled with privacy-aware data access policies. We illustrate our OBAC approach through a proof-of-concept and propose that OBAC to be adopted as a best practice for access management of FAIR data.",

keywords = "Access control, Semantic technology, Ontology, Security, FAIR",

author = "Christopher Brewster and Barry Nouwt and Stephan Raaijmakers and Jack Verhoosel",

note = "Funding Information: Part of this work was supported by the Titanium Project (funded by the European Comission under grant agreement 740558). The work was also supported by TNO{\textquoteright}s internal research project “ERP AI”. Publisher Copyright: {\textcopyright} 2019 Chinese Academy of Sciences Published under a Creative Commons Attribution 4.0 International (CC BY 4.0) license.",

year = "2020",

month = jan,

day = "1",

doi = "10.1162/dint_a_00029",

language = "English",

volume = "2",

pages = "66--77",

journal = "Data Intelligence",

issn = "2641-435X",

publisher = "The MIT Press",

number = "1-2",

}

TY - JOUR

T1 - Ontology-based Access Control for FAIR Data

AU - Brewster, Christopher

AU - Nouwt, Barry

AU - Raaijmakers, Stephan

AU - Verhoosel, Jack

N1 - Funding Information: Part of this work was supported by the Titanium Project (funded by the European Comission under grant agreement 740558). The work was also supported by TNO’s internal research project “ERP AI”. Publisher Copyright: © 2019 Chinese Academy of Sciences Published under a Creative Commons Attribution 4.0 International (CC BY 4.0) license.

PY - 2020/1/1

Y1 - 2020/1/1

N2 - This paper focuses on fine-grained, secure access to FAIR data, for which we propose ontology-based data access policies. These policies take into account both the FAIR aspects of the data relevant to access (such as provenance and licence), expressed as metadata, and additional metadata describing users. With this tripartite approach (data, associated metadata expressing FAIR information, and additional metadata about users), secure and controlled access to object data can be obtained. This yields a security dimension to the "A" (accessible) in FAIR, which is clearly needed in domains like security and intelligence. These domains need data to be shared under tight controls, with widely varying individual access rights. In this paper, we propose an approach called Ontology-Based Access Control (OBAC), which utilizes concepts and relations from a data set's domain ontology. We argue that ontology-based access policies contribute to data reusability and can be reconciled with privacy-aware data access policies. We illustrate our OBAC approach through a proof-of-concept and propose that OBAC to be adopted as a best practice for access management of FAIR data.

AB - This paper focuses on fine-grained, secure access to FAIR data, for which we propose ontology-based data access policies. These policies take into account both the FAIR aspects of the data relevant to access (such as provenance and licence), expressed as metadata, and additional metadata describing users. With this tripartite approach (data, associated metadata expressing FAIR information, and additional metadata about users), secure and controlled access to object data can be obtained. This yields a security dimension to the "A" (accessible) in FAIR, which is clearly needed in domains like security and intelligence. These domains need data to be shared under tight controls, with widely varying individual access rights. In this paper, we propose an approach called Ontology-Based Access Control (OBAC), which utilizes concepts and relations from a data set's domain ontology. We argue that ontology-based access policies contribute to data reusability and can be reconciled with privacy-aware data access policies. We illustrate our OBAC approach through a proof-of-concept and propose that OBAC to be adopted as a best practice for access management of FAIR data.

KW - Access control

KW - Semantic technology

KW - Ontology

KW - Security

KW - FAIR

U2 - 10.1162/dint_a_00029

DO - 10.1162/dint_a_00029

M3 - Article

SN - 2641-435X

VL - 2

SP - 66

EP - 77

JO - Data Intelligence

JF - Data Intelligence

IS - 1-2

ER -