Security
The security ontology models all the security concepts needed in universAAL for Authentication, Authorisation, Session Management, Anonymization and many more.
The main container for all security tokens for an individual; part of the subprofiles for a user.
Representation of the credentials used to authenticate a user. Its hierarchy includes the definition of the different factor types for multi-factor authentication, as well as some standard authentication methods such as UserPassword.
Used for authorising the user to access certain Assets. The authorisation is role-based; Roles can be defined in a hierarchical manner. Each Role will have different AccessRights.
Defines the type of access to a particular Asset described as a TypeExpression; this provides the possibility of specifying a set of individuals (through an enumeration) or, through restrictions, describing the set of rules which individuals must comply with for the access right to apply.
Defines if the access right is read only, add (creating new instances), change (modify instances), or remove (delete instance).
Asset is the concept of something that is protected by the authorisation mechanism.
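The role-based check described above, as an added sketch that is not universAAL code and does not use its API. It assumes that a Role carries the AccessRights of its sub-roles and that access is denied unless some right matches; the `enumeration` and `restriction` helpers stand in for a TypeExpression, and all URIs and property names are constructed.

```python
from dataclasses import dataclass, field
from enum import Enum

class AccessType(Enum):
    READ = "read"      # read only
    ADD = "add"        # create new instances
    CHANGE = "change"  # modify instances
    REMOVE = "remove"  # delete instances

# Stand-ins for a TypeExpression: each returns a predicate over an asset (a dict here).
def enumeration(*uris):
    members = frozenset(uris)
    return lambda asset: asset.get("uri") in members

def restriction(**required):
    return lambda asset: all(asset.get(k) == v for k, v in required.items())

@dataclass
class AccessRight:
    types: frozenset      # AccessType values this right grants
    applies_to: object    # predicate built by enumeration() or restriction()

@dataclass
class Role:
    name: str
    rights: list = field(default_factory=list)
    sub_roles: list = field(default_factory=list)

    def all_rights(self, seen=None):
        # Assumption: a role also carries the rights of its sub-roles.
        seen = set() if seen is None else seen
        if id(self) in seen:   # a cycle in the role graph must not loop forever
            return
        seen.add(id(self))
        yield from self.rights
        for sub in self.sub_roles:
            yield from sub.all_rights(seen)

def is_authorised(roles, access, asset):
    # Deny by default: some right must cover both the access type and the asset.
    return any(access in r.types and r.applies_to(asset)
               for role in roles for r in role.all_rights())

# Constructed sample data (URIs and property names are made up).
viewer = Role("viewer", [AccessRight(frozenset({AccessType.READ}),
                                     restriction(type="Measurement"))])
caregiver = Role("caregiver", [AccessRight(
    frozenset({AccessType.ADD, AccessType.CHANGE}),
    restriction(type="Measurement", owner="urn:example:alice"))], [viewer])
alice_m = {"uri": "urn:example:m1", "type": "Measurement", "owner": "urn:example:alice"}
bob_m = {"uri": "urn:example:m2", "type": "Measurement", "owner": "urn:example:bob"}
```

Here the caregiver role can read any measurement through its viewer sub-role, but can add or change only those whose owner matches the restriction.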
This form enables an authoriser (a user) to securely delegate some of its own Roles, or some special Role, to a delegate (another user) so that the delegate can access information protected by the authorisation mechanism.
The anonymization system relies on the Anonymizable concept: any Resource can be made anonymizable by making Anonymizable a super class of it. The property that will be encrypted (anonymized so that only authorised entities can read it) has to be declared as a sub property of the anonymous_resource property. See the following example: