1. Field of the Invention
This disclosure relates to access control of assets and resources and more specifically to a fine-grained access control mechanism that uses ontology semantic references as access criteria for the authorization of access.
2. Description of the Related Art
In a system there may be resources or objects that require protection. A system may seek to restrict a user or a group of users from accessing certain assets or objects that may be stored or contained on the system. Controlling access may be achieved by an access control policy. Fine-grained asset control systems allow flexibility in specifying the access rights of individual users using an access control policy. The access control policy defines who can see what content that may be in the system. The access control policy may determine authorization and the level of authorization access to system resources.
In one example, a knowledge system may categorize its assets or resources into various industries. There may be a telecommunications industry sector, a retail industry sector, and a banking industry sector. Within each sector, there may be resources categorized under that sector. Default access policy normally grants users affiliated with a given sector (such as telecommunications) the access right to resources categorized under the sector with which the user is affiliated. Specifically, a user affiliated with the telecommunications sector may not be authorized to have access to assets or resources that are categorized under the retail industry sector. Similarly, a user in the retail industry sector may not be authorized to have access to resources that are categorized under the banking industry sector. Users outside of a particular sector may use explicit access control criteria to access resources that are categorized within the sector.