Access Control for HTTP Operations on Linked Data

  • Luca Costabello
  • Serena Villata
  • Oscar Rodriguez Rocha
  • Fabien Gandon
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7882)

Abstract

Access control is a recognized open issue when interacting with RDF using HTTP methods. In the literature, authentication and authorization mechanisms either introduce undesired complexity, such as SPARQL and ad-hoc policy languages, or rely on basic access control lists, resulting in limited policy expressiveness. In this paper we show how the Shi3ld attribute-based authorization framework for SPARQL endpoints has been progressively converted to protect HTTP operations on RDF. We proceed by steps: we start by supporting the SPARQL 1.1 Graph Store Protocol, and we shift towards a SPARQL-less solution for the Linked Data Platform. We demonstrate that the resulting authorization framework provides the same functionalities as its SPARQL-based counterpart, including the adoption of Semantic Web languages only.

Keywords

Access Control; Access Condition; Access Policy; Access Control Model; SPARQL Query
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Luca Costabello (1)
  • Serena Villata (1)
  • Oscar Rodriguez Rocha (2)
  • Fabien Gandon (1)

  1. INRIA Sophia Antipolis, France
  2. Politecnico di Torino, Italy
