Abstract
The Semantic Web technologies enable Web-scaled data linking between large RDF repositories. However, it happens that organizations cannot publish their whole datasets but only some subsets of them, due to ethical, legal or confidentiality considerations. Different user profiles may have access to different authorized subsets. In this case, selective disclosure appears as a promising incentive for linked data. In this paper, we show that modular, fine-grained and efficient selective disclosure can be achieved on top of existing RDF stores. We use a data-annotation approach to enforce access control policies. Our results are grounded on previously established formal results proposed in [14]. We present an implementation of our ideas and we show that our solution for selective disclosure scales, is independent of the user query language, and incurs reasonable overhead at runtime.
This work is supported by Thomson Reuters in the framework of the Partner University Fund project: “Cybersecurity Collaboratory: Cyberspace Threat Identification, Analysis and Proactive Response”. The Partner University Fund is a program of the French Embassy in the United States and the FACE Foundation and is supported by American donors and the French government.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
- 3.
Proofs are provided at http://liris.cnrs.fr/~tsayah/STM2016/.
- 4.
- 5.
- 6.
- 7.
References
Abel, F., Coi, J.L., Henze, N., Koesling, A.W., Krause, D., Olmedilla, D.: Enabling advanced and context-dependent access control in RDF stores. In: Aberer, K., et al. (eds.) ASWC/ISWC -2007. LNCS, vol. 4825, pp. 1–14. Springer, Heidelberg (2007)
Angles, R., Gutiérrez, C.: Survey of graph database models. ACM Comput. Surv. 40(1), 1–39 (2008)
Atre, M., Chaoji, V., Zaki, M.J., Hendler, J.A.: Matrix “bit” loaded: a scalable lightweight join query processor for RDF data. In: WWW, pp. 41–50 (2010)
Berners-Lee, T.: Linked data-design issues (2006). https://www.w3.org/DesignIssues/LinkedData.html
Bizer, C., Heath, T., Berners-Lee, T.: Linked data - the story so far. Int. J. Semantic Web Inf. Syst. 5(3), 1–22 (2009)
Costabello, L., Villata, S., Delaforge, N., et al.: Linked data access goes mobile: context-aware authorization for graph stores. In: LDOW-5th WWW Workshop (2012)
Flouris, G., Fundulaki, I., Michou, M., Antoniou, G.: Controlling access to RDF graphs. In: Berre, A.J., Gómez-Pérez, A., Tutschku, K., Fensel, D. (eds.) FIS 2010. LNCS, vol. 6369, pp. 107–117. Springer, Heidelberg (2010). doi:10.1007/978-3-642-15877-3_12
Hayes, P.J., Patel-Schneider, P.F.: RDF 1.1 semantics. W3C recommendation (2014). http://www.w3.org/TR/rdf11-mt/
Jain, A., Farkas, C.: Secure resource description framework: an access control model. In: SACMAT, pp. 121–129. ACM (2006)
Lopes, N., Kirrane, S., Zimmermann, A., Polleres, A., Mileo, A.: A logic programming approach for access control over RDF. In: ICLP, pp. 381–392 (2012)
Papakonstantinou, V., Michou, M., Fundulaki, I., Flouris, G., Antoniou, G.: Access control for RDF graphs using abstract models. In: SACMAT, pp. 103–112 (2012)
Pérez, J., Arenas, M., Gutierrez, C.: Semantics and complexity of SPARQL. ACM Trans. Database Syst. 34(3), 1–45 (2009)
Reddivari, P., Finin, T., Joshi, A.: Policy-based access control for an RDF store. In: WWW, pp. 78–81 (2005)
Sayah, T., Coquery, E., Thion, R., Hacid, M.-S.: Inference leakage detection for authorization policies over RDF data. In: Samarati, P. (ed.) DBSec 2015. LNCS, vol. 9149, pp. 346–361. Springer, Heidelberg (2015). doi:10.1007/978-3-319-20810-7_24
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Sayah, T., Coquery, E., Thion, R., Hacid, MS. (2016). Access Control Enforcement for Selective Disclosure of Linked Data. In: Barthe, G., Markatos, E., Samarati, P. (eds) Security and Trust Management. STM 2016. Lecture Notes in Computer Science(), vol 9871. Springer, Cham. https://doi.org/10.1007/978-3-319-46598-2_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-46598-2_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-46597-5
Online ISBN: 978-3-319-46598-2
eBook Packages: Computer ScienceComputer Science (R0)