论文信息 - Inference Leakage Detection for Authorization Policies over RDF Data

Inference Leakage Detection for Authorization Policies over RDF Data

The Semantic Web technologies include entailment regimes that produce new RDF data from existing ones. In the presence of access control, once a user has legitimately received the answer of a query, she/he can derive new data entailed from the answer that should have been forbidden if carried out inside of the RDF store. In this paper, we define a fine-grained authorization model for which it is possible to check in advance whether such a problem will arise. To this end, we provide a static analysis algorithm which can be used at the time of writing the authorization policy and does not require access to the data. We illustrate the expressiveness of the access control model with several conflict resolution strategies including most specific takes precedence as well as the applicability of the algorithm for diagnosis purposes.

[1] Amit Jain,et al. Secure resource description framework: an access control model , 2006, SACMAT '06.

[2] Grigoris Antoniou,et al. Access control for RDF graphs using abstract models , 2012, SACMAT '12.

[3] Grigoris Antoniou,et al. Controlling Access to RDF Graphs , 2010, FIS.

[4] Marcelo Arenas,et al. Semantics and Complexity of SPARQL , 2006, International Semantic Web Conference.

[5] Steve Barker,et al. Protecting deductive databases from unauthorized retrieval and update requests , 2002, Data Knowl. Eng..

[6] Serge Abiteboul,et al. Foundations of Databases , 1994 .

[7] Timothy W. Finin,et al. Policy-Based Access Control for an RDF Store , 2005, IJCAI 2007.

[8] Nicola Henze,et al. Enabling Advanced and Context-Dependent Access Control in RDF Stores , 2007, ISWC/ASWC.

[9] Axel Polleres,et al. From SPARQL to rules (and back) , 2007, WWW '07.

[10] Flemming Nielson,et al. The logic of XACML , 2011, Sci. Comput. Program..

[11] Alberto Martelli,et al. An Efficient Unification Algorithm , 1982, TOPL.

[12] Axel Polleres,et al. A Logic Programming approach for Access Control over RDF , 2012, ICLP.

[13] Sushil Jajodia,et al. The inference problem: a survey , 2002, SKDD.

[14] Bhavani M. Thuraisingham,et al. Towards fine grained RDF access control , 2014, SACMAT '14.