1 AIT Asian Institute of Technology

An ontology based model for trust negotiation in open systems

AuthorDoudpota, Sher Muhammad
Call NumberAIT Thesis no.CS-08-03
Subject(s)Personal information management
Patients---Databases--Access control

NoteA thesis submitted in partial fulfillment of the requirements for the degree of Master of Engineering in Computer Science, School of Engineering and Technology
PublisherAsian Institute of Technology
Series StatementThesis ; no. CS-08-03
AbstractIn this thesis, we present an ontology-based framework to derive a secure trust negotiation approach that can maintain, share and protect a user information system. We envision a Personal Health Record (PHR) system being a candidate case for our proposed framework. Such information systems are often used by individuals to store their personal health records. PHR are used to provide information to people such as a physician or family member(s) or friend (s). In existing systems such as Microsoft's HealthVault, access is allowed by verifying conventional usemame and password attributes which turns out to be difficult for a typical physician who may have tens or hundreds of such patients. In addition, since they provide unrestricted access, exposing undesired pieces of information. For example, a user may wish to show his/her diseases list to a physician but at the same time he might not want to show list of allergies available in same record. In our approach, we propose an access control mechanism on PHR using ontology-based trust negotiation model. In trust negotiation system, every resource is protected by an access control policy which defines the attribute of counterpart to be proved in order to gain access on that resource. Due to hierarchical structure of ontology-based PHR, record holder can define separate access control policies for each component in PHR. This means, PHR record holder can pariially share his/her record with any other person by defining access control policy for each component in PHR separately. In addition, ontology-based framework seems suitable since trust negotiation nonnally takes place between strangers often related to different domains. There is always a risk that participant in a negotiation session may refer to the same attribute with different names, such as confusing gender with sex. The negotiation agents on both sides may not know the relationship between these attributes. This may result in failure of negotiation. We assert the use of ontology on both ends of participants, which can hold the definition of all attributes of participant and relationship among those attributes using basic ontology properties such as isSameAs, isDiffenrentFrom, isOppsiteOf etc. We successfully demonstrate that use of ontologies in trust negotiation; can make access control policy specification and maintenance easier. The system also explains how ontologies could be used to avoid possession sensitive and other privacy attacks on negotiation.
Year2008
Corresponding Series Added EntryAsian Institute of Technology. Thesis ; no. CS-08-03
TypeThesis
SchoolSchool of Engineering and Technology (SET)
DepartmentDepartment of Information and Communications Technologies (DICT)
Academic Program/FoSComputer Science (CS)
Chairperson(s)Phan Minh Dung
Examination Committee(s)Guha, Samanta;Rajatheva, R. M. A. P.;
Scholarship Donor(s)Sukkur IBA, Pakistan; Asian Institute of Technology Fellowship
DegreeThesis (M.Eng.) - Asian Institute of Technology, 2008


Usage Metrics
View Detail0
Read PDF0
Download PDF0