Access Control Enforcement for Selective Disclosure of Linked Data

  • Tarek Sayah
  • Emmanuel Coquery
  • Romuald Thion
  • Mohand-Saïd Hacid
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9871)

Abstract

The Semantic Web technologies enable Web-scaled data linking between large RDF repositories. However, it happens that organizations cannot publish their whole datasets but only some subsets of them, due to ethical, legal or confidentiality considerations. Different user profiles may have access to different authorized subsets. In this case, selective disclosure appears as a promising incentive for linked data. In this paper, we show that modular, fine-grained and efficient selective disclosure can be achieved on top of existing RDF stores. We use a data-annotation approach to enforce access control policies. Our results are grounded on previously established formal results proposed in [14]. We present an implementation of our ideas and we show that our solution for selective disclosure scales, is independent of the user query language, and incurs reasonable overhead at runtime.

Keywords

RDF Authorization Enforcement Linked Data 

References

  1. 1.
    Abel, F., Coi, J.L., Henze, N., Koesling, A.W., Krause, D., Olmedilla, D.: Enabling advanced and context-dependent access control in RDF stores. In: Aberer, K., et al. (eds.) ASWC/ISWC -2007. LNCS, vol. 4825, pp. 1–14. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  2. 2.
    Angles, R., Gutiérrez, C.: Survey of graph database models. ACM Comput. Surv. 40(1), 1–39 (2008)CrossRefGoogle Scholar
  3. 3.
    Atre, M., Chaoji, V., Zaki, M.J., Hendler, J.A.: Matrix “bit” loaded: a scalable lightweight join query processor for RDF data. In: WWW, pp. 41–50 (2010)Google Scholar
  4. 4.
    Berners-Lee, T.: Linked data-design issues (2006). https://www.w3.org/DesignIssues/LinkedData.html
  5. 5.
    Bizer, C., Heath, T., Berners-Lee, T.: Linked data - the story so far. Int. J. Semantic Web Inf. Syst. 5(3), 1–22 (2009)CrossRefGoogle Scholar
  6. 6.
    Costabello, L., Villata, S., Delaforge, N., et al.: Linked data access goes mobile: context-aware authorization for graph stores. In: LDOW-5th WWW Workshop (2012)Google Scholar
  7. 7.
    Flouris, G., Fundulaki, I., Michou, M., Antoniou, G.: Controlling access to RDF graphs. In: Berre, A.J., Gómez-Pérez, A., Tutschku, K., Fensel, D. (eds.) FIS 2010. LNCS, vol. 6369, pp. 107–117. Springer, Heidelberg (2010). doi:10.1007/978-3-642-15877-3_12 CrossRefGoogle Scholar
  8. 8.
    Hayes, P.J., Patel-Schneider, P.F.: RDF 1.1 semantics. W3C recommendation (2014). http://www.w3.org/TR/rdf11-mt/
  9. 9.
    Jain, A., Farkas, C.: Secure resource description framework: an access control model. In: SACMAT, pp. 121–129. ACM (2006)Google Scholar
  10. 10.
    Lopes, N., Kirrane, S., Zimmermann, A., Polleres, A., Mileo, A.: A logic programming approach for access control over RDF. In: ICLP, pp. 381–392 (2012)Google Scholar
  11. 11.
    Papakonstantinou, V., Michou, M., Fundulaki, I., Flouris, G., Antoniou, G.: Access control for RDF graphs using abstract models. In: SACMAT, pp. 103–112 (2012)Google Scholar
  12. 12.
    Pérez, J., Arenas, M., Gutierrez, C.: Semantics and complexity of SPARQL. ACM Trans. Database Syst. 34(3), 1–45 (2009)CrossRefGoogle Scholar
  13. 13.
    Reddivari, P., Finin, T., Joshi, A.: Policy-based access control for an RDF store. In: WWW, pp. 78–81 (2005)Google Scholar
  14. 14.
    Sayah, T., Coquery, E., Thion, R., Hacid, M.-S.: Inference leakage detection for authorization policies over RDF data. In: Samarati, P. (ed.) DBSec 2015. LNCS, vol. 9149, pp. 346–361. Springer, Heidelberg (2015). doi:10.1007/978-3-319-20810-7_24 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Tarek Sayah
    • 1
  • Emmanuel Coquery
    • 1
  • Romuald Thion
    • 1
  • Mohand-Saïd Hacid
    • 1
  1. 1.Université de Lyon, CNRS, Université Lyon 1, LIRIS, UMR5205LyonFrance

Personalised recommendations