论文信息 - Rewriting of SPARQL/Update Queries for Securing Data Access

Rewriting of SPARQL/Update Queries for Securing Data Access

Several access control models for database management systems (DBMS) only consider how to manage select queries and then assume that similar mechanism would apply to update queries. However they do not take into account that updating data may possibly disclose some other sensitive data whose access would be forbidden through select queries. This is typically the case of current relational DBMS managed through SQL which are wrongly specified and lead to inconsistency between select and update queries. In this paper, we show how to solve this problem in the case of SPARQL queries. We present an approach based on rewriting SPARQL/Update queries. It involves two steps. The first one satisfies the update constraints. The second one handles consistency between select and update operators. Query rewriting is done by adding positive and negative filters (corresponding respectively to permissions and prohibitions) to the initial query.

[1] Alban Gabillon. A Formal Access Control Model for XML Databases , 2005, Secure Data Management.

[2] E. Prud hommeaux,et al. SPARQL query language for RDF , 2011 .

[3] Ramaswamy Chandramouli,et al. The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[4] Nora Cuppens-Boulahia,et al. fQuery: SPARQL Query Rewriting to Enforce Data Confidentiality , 2010, DBSec.

[5] Frédéric Cuppens,et al. Organization based access control , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[6] Jeremy J. Carroll,et al. Resource description framework (rdf) concepts and abstract syntax , 2003 .

[7] Michael Stonebraker,et al. Access control in a relational data base management system by query modification , 1974, ACM '74.