Paper at KES 2023 conference, Athens, Greece
September 6, 2023
OrBAC is a usage control model allowing the definition of dynamic security rules, that is to say which can be active (or not) depending on the context (a Boolean predicate) at the time they are verified. OrBAC also supports permission
, prohibition
or obligation
rules. This model is also very interesting because it has a tool for editing and testing security policies: MotOrBAC. This tool also provides a Java API which therefore makes it possible to integrate the use of such security policies into any Java project.
In this article we present how to translate OrBAC rules into SWRL, thus allowing us to use the power of expression of OrBAC without using either the dedicated MotOrBAC tool or its API. Any semantic web tool or library supporting SWRL can do the job (e.g. SWRL API developed by the Protégé team).