Access Control for Linked Building Data based on Decentralized Role Paths

This paper is currently under review
Jyrki Oraskari

Guest Editors ST Built Environment 2017

Ontology Description
Building data is produced and managed in a decentralized and fragmented way across different network-structured organizations established separately for the design, construction, maintenance, and renovation phases of a building. Linked Building Data is an ongoing effort to produce ontologies and tools that enable decentralized publication and granular online sharing of various types of building data as Linked Data. Before these technologies can be put to practical use, a proper access control scheme is crucial for reasons of security, privacy, competition, and IPRs. This paper studies a way to assign access rights to resources based on the complex relations between data producers and data consumers in the relevant network organizations. The relations are represented as role paths from data to a consumer. A design and implementation of the approach are presented, based on the use of WebID for authentication and role paths for access control rules. An access control ontology incorporating role paths is presented, together with a draft of a domain ontology for construction projects.
