This paper focuses on fine-grained,secure access to FAIR data,for which we propose ontology-based data access policies.These policies take into account both the FAIR aspects of the data relevant to access(such as prov...This paper focuses on fine-grained,secure access to FAIR data,for which we propose ontology-based data access policies.These policies take into account both the FAIR aspects of the data relevant to access(such as provenance and licence),expressed as metadata,and additional metadata describing users.With this tripartite approach(data,associated metadata expressing FAIR information,and additional metadata about users),secure and controlled access to object data can be obtained.This yields a security dimension to the“A”(accessible)in FAIR,which is clearly needed in domains like security and intelligence.These domains need data to be shared under tight controls,with widely varying individual access rights.In this paper,we propose an approach called Ontology-Based Access Control(OBAC),which utilizes concepts and relations from a data set's domain ontology.We argue that ontology-based access policies contribute to data reusability and can be reconciled with privacy-aware data access policies.We illustrate our OBAC approach through a proof-of-concept and propose that OBAC to be adopted as a best practice for access management of FAIR data.展开更多
基金Part of this work was supported by the Titanium Project(funded by the European Comission under grant agreement 740558)The work was also supported by TNO’s internal research project“ERP AI”.
文摘This paper focuses on fine-grained,secure access to FAIR data,for which we propose ontology-based data access policies.These policies take into account both the FAIR aspects of the data relevant to access(such as provenance and licence),expressed as metadata,and additional metadata describing users.With this tripartite approach(data,associated metadata expressing FAIR information,and additional metadata about users),secure and controlled access to object data can be obtained.This yields a security dimension to the“A”(accessible)in FAIR,which is clearly needed in domains like security and intelligence.These domains need data to be shared under tight controls,with widely varying individual access rights.In this paper,we propose an approach called Ontology-Based Access Control(OBAC),which utilizes concepts and relations from a data set's domain ontology.We argue that ontology-based access policies contribute to data reusability and can be reconciled with privacy-aware data access policies.We illustrate our OBAC approach through a proof-of-concept and propose that OBAC to be adopted as a best practice for access management of FAIR data.
