Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Named graphs, provenance and trust
WWW '05 Proceedings of the 14th international conference on World Wide Web
Secure resource description framework: an access control model
Proceedings of the eleventh ACM symposium on Access control models and technologies
Proceedings of the twenty-sixth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
On Graph Features of Semantic Web Schemas
IEEE Transactions on Knowledge and Data Engineering
An Introduction to Authorization Conflict Problem in RDF Access Control
KES '08 Proceedings of the 12th international conference on Knowledge-Based Intelligent Information and Engineering Systems, Part II
On explicit provenance management in RDF/S graphs
TAPP'09 First workshop on on Theory and practice of provenance
Semantics and complexity of SPARQL
ACM Transactions on Database Systems (TODS)
Coloring RDF Triples to Capture Provenance
ISWC '09 Proceedings of the 8th International Semantic Web Conference
An inference control algorithm for RDF(S) repository
PAISI'07 Proceedings of the 2007 Pacific Asia conference on Intelligence and security informatics
Enabling advanced and context-dependent access control in RDF stores
ISWC'07/ASWC'07 Proceedings of the 6th international The semantic web and 2nd Asian conference on Asian semantic web conference
Containment and minimization of RDF/S query patterns
ISWC'05 Proceedings of the 4th international conference on The Semantic Web
PoweRGen: A power-law based generator of RDFS schemas
Information Systems
A generic approach for correcting access restrictions to a consequence
ESWC'10 Proceedings of the 7th international conference on The Semantic Web: research and Applications - Volume Part I
Hi-index | 0.00 |
The Resource Description Framework (RDF) has become the defacto standard for representing information in the Semantic Web. Given the increasing amount of sensitive RDF data available on the Web, it becomes increasingly critical to guarantee secure access to this content. In this paper we advocate the use of an abstract access control model to ensure the selective exposure of RDF information. The model is defined by a set of abstract operators and tokens. Tokens are used to label RDF triples with access information. Abstract operators model RDF Schema inference rules and propagation of labels along the RDF Schema(RDFS) class and property hierarchies. In this way, the access label of a triple is a complex expression that involves the labels of the triples and the operators applied to obtain said label. Different applications can then adopt different concrete access policies that encode an assignment of the abstract tokens and operators to concrete (specific) values. Following this approach, changes in the interpretation of abstract tokens and operators can be easily implemented resulting in a very flexible mechanism that allows one to easily experiment with different concrete access policies (defined per context or user). To demonstrate the feasibility of the approach, we implemented our ideas on top of the MonetDB and PostgreSQL open source database systems. We conducted an initial set of experiments which showed that the overhead for using abstract expressions is roughly linear to the number of triples considered; performance is also affected by the characteristics of the dataset, such as the size and depth of class and property hierarchies as well as the considered concrete policy.