OBAC: towards agent-based identification and classification of roles, objects, permissions (ROP) in distributed environment Sidra Aslam 1 & Mansoor Ahmed 1 & Imran Ahmed 2,3 & Abid Khan 1 & Awais Ahmad 2,3 & Muhammad Imran 1 & Adeel Anjum 1 & Shahid Hussain 1 Received: 17 April 2019 /Revised: 1 October 2019 /Accepted: 17 February 2020 # Springer Science+Business Media, LLC, part of Springer Nature 2020 Abstract Access control is used to prevent data from access of unauthorized users. Over the years, several access control models have been proposed to meet requirements of various applications and domains. Role-based access control model is one such model which enforces security based on the roles. However, role-based access control model is static in nature and does not provide the dynamism of collaboration required in the multi-domain environment. This paper presents an Ontology-Based Access Control (OBAC) model, which provides a solution by using an ontology-based approach. In OBAC model, agents are used for the identification and classification of Roles, Objects and Permissions (ROP) in distributed environment. The proposed method exploits the ontology-based approach, where agent learns and adapts changes to identify roles, objects and permissions from a given dataset and classify them into ontology according to rules and policies. The proposed ontology also provides extensibility and reusability. Moreover, we simulated our technique on datasets of two different domains. The first dataset is related to the university environment and the second one is about hospital domain. The promising experimental results indicates the effectiveness of proposed approach. Keywords Semantic Web . Ontology . Agent . Role-Based Access Control . Role . Objects . Permissions . Access Control . Distributed Systems 1 Introduction Role Based Access Control (RBAC) model is used to protect information from unauthorized individuals. RBAC has four parameters; user, role, object, and permission. The role defines user identity to access the system, such as a teacher, student, or manager etc. The object can be Multimedia Tools and Applications https://doi.org/10.1007/s11042-020-08764-2 * Awais Ahmad aahmad.marwat@gmail.com Extended author information available on the last page of the article