论文信息 - Query Based Access Control for Linked Data

Query Based Access Control for Linked Data

In recent years we have seen significant advances in the technology used to both publish and consume Linked Data. However, in order to support the next generation of ebusiness applications on top of interlinked machine readable data suitable forms of access control need to be put in place. Although a number of access control models and frameworks have been put forward, very little research has been conducted into the security implications associated with granting access to partial data or the correctness of the proposed access control mechanisms. Therefore the contributions of this paper are two fold: we propose a query rewriting algorithm which can be used to partially restrict access to SPARQL 1.1 queries and updates; and we demonstrate how a set of criteria, which was originally used to verify that an access control policy holds over different database states, can be adapted to verify the correctness of access control via query rewriting.

Axel Polleres | Alessandra Mileo | Stefan Decker | Sabrina Kirrane

[1] Tom Heath,et al. Linked Data: Evolving the Web into a Global Data Space , 2011, Linked Data.

[2] Stefano Valtolina,et al. Towards a Fine-Grained Access Control Model and Mechanisms for Semantic Databases , 2007, IEEE International Conference on Web Services (ICWS 2007).

[3] Nora Cuppens-Boulahia,et al. Privacy Policy Preferences Enforced by SPARQL Query Rewriting , 2012, 2012 Seventh International Conference on Availability, Reliability and Security.

[4] Hannes Mühleisen,et al. SWRL-based Access Policies for Linked Data , 2010 .

[5] Heiner Stuckenschmidt,et al. A Model-driven Approach to enable Access Control for Ontologies , 2009, Wirtschaftsinformatik.

[6] Serena Villata,et al. Linked Data Access Goes Mobile: Context-Aware Authorization for Graph Stores , 2012, LDOW.

[7] Nicola Henze,et al. Enabling Advanced and Context-Dependent Access Control in RDF Stores , 2007, ISWC/ASWC.

[8] Jian Li,et al. Query Rewriting for Access Control on Semantic Web , 2008, Secure Data Management.

[9] Jorge Lobo,et al. On the Correctness Criteria of Fine-Grained Access Control in Relational Databases , 2007, VLDB.

[10] James A. Hendler,et al. Web Science: Understanding the Emergence of Macro-Level Features on the World Wide Web , 2013, Found. Trends Web Sci..

[11] Nora Cuppens-Boulahia,et al. fQuery: SPARQL Query Rewriting to Enforce Data Confidentiality , 2010, DBSec.