Protect Your RDF Data!

  • Sabrina Kirrane
  • Nuno Lopes
  • Alessandra Mileo
  • Stefan Decker
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7774)


The explosion of digital content and the heterogeneity of enterprise content sources have pushed existing data integration solutions to their boundaries. Although RDF can be used as a representation format for integrated data, enterprises have been slow to adopt this technology. One of the primary inhibitors to its widespread adoption in industry is the lack of fine grained access control enforcement mechanisms available for RDF. In this paper, we provide a summary of access control requirements based on our analysis of existing access control models and enforcement mechanisms. We subsequently: (i) propose a set of access control rules that can be used to provide support for these models over RDF data; (ii) detail a framework that enforces access control restrictions over RDF data; and (iii) evaluate our implementation of the framework over real-world enterprise data.


Access Control Resource Description Framework Policy Language Access Control Policy Access Control Model 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Amini, M., Jalili, R.: Multi-level authorisation model and framework for distributed semantic-aware environments. IET Information Security 4(4), 301 (2010)CrossRefGoogle Scholar
  2. 2.
    Bonatti, P.A., De Coi, J.L., Olmedilla, D., Sauro, L.: Rule-based policy representations and reasoning. In: Bry, F., Małuszyński, J. (eds.) Semantic Techniques for the Web. LNCS, vol. 5500, pp. 201–232. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  3. 3.
    Bradshaw, J.M., Dutfield, S., Benoit, P., Woolley, J.D.: KAoS: Toward an industrial-strength open agent architecture. In: Software Agents (1997)Google Scholar
  4. 4.
    Costabello, L., Villata, S., Delaforge, N.: Linked data access goes mobile: Context-aware authorization for graph stores. In: LDOW - 5th WWW Workshop on Linked Data on the Web (2012),
  5. 5.
    Cyganiak, R., Harth, A., Hogan, A.: N-Quads: Enxtending N-Triples with Context (2009)Google Scholar
  6. 6.
    Das, S., Sundara, S., Cyganiak, R.: R2RML: RDB to RDF Mapping Language. Candidate Recommendation, W3C (February 2012)Google Scholar
  7. 7.
    Evered, M.: A case study in access control requirements for a health information system. In: Second Workshop on Australasian Information Security (2004)Google Scholar
  8. 8.
    Griffiths, P.P.: An authorization mechanism for a relational database system. ACM Transactions on Database Systems 1(3), 242–255 (1976)CrossRefGoogle Scholar
  9. 9.
    Javanmardi, S., Amini, M., Jalili, R., GanjiSaffar, Y.: SBAC: A Semantic-Based Access Control Model. In: 11th Nordic Workshop on Secure IT-systems (NordSec 2006), Linköping, Sweden (2006)Google Scholar
  10. 10.
    Kagal, L., Finin, T.: A policy language for a pervasive computing environment. In: Proceedings of the IEEE 4th International Workshop on Policies for Distributed Systems and Networks, POLICY 2003, pp. 63–74. IEEE Comput. Soc. (2003)Google Scholar
  11. 11.
    Lopes, N., Polleres, A., Straccia, U., Zimmermann, A.: AnQL: SPARQLing Up Annotated RDFS. In: Patel-Schneider, P.F., Pan, Y., Hitzler, P., Mika, P., Zhang, L., Pan, J.Z., Horrocks, I., Glimm, B. (eds.) ISWC 2010, Part I. LNCS, vol. 6496, pp. 518–533. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    Lopes, N., Bischof, S., Decker, S., Polleres, A.: On the Semantics of Heterogeneous Querying of Relational, XML and RDF Data with XSPARQL. In: Moura, P., Nogueira, V.B. (eds.) EPIA 2011 – COLA Track, Lisbon, Portugal (October 2011)Google Scholar
  13. 13.
    Lopes, N., Kirrane, S., Zimmermann, A., Polleres, A., Mileo, A.: A Logic Programming approach for Access Control over RDF. In: Technical Communications of ICLP 2012, vol. 17, pp. 381–392. Schloss Dagstuhl–Leibniz-Zentrum fuer Informatik (2012)Google Scholar
  14. 14.
    McCollum, C.J., Messing, J.R., Notargiacomo, L.: Beyond the pale of MAC and DAC-defining new forms of access control. In: Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 190–200. IEEE (1990)Google Scholar
  15. 15.
    Qin, L., Atluri, V.: Concept-level access control for the Semantic Web. In: Proceedings of the 2003 ACM Workshop on XML Security - XMLSEC 2003, p. 94. ACM Press (2003)Google Scholar
  16. 16.
    Ryutov, T., Kichkaylo, T., Neches, R.: Access Control Policies for Semantic Networks. In: 2009 IEEE International Symposium on Policies for Distributed Systems and Networks, pp. 150–157. IEEE (July 2009)Google Scholar
  17. 17.
    Sacco, O., Passant, A., Decker, S.: An Access Control Framework for the Web of Data. In: 2011 IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 456–463 (November 2011)Google Scholar
  18. 18.
    Samarati, P., de Capitani di Vimercati, S.: Access control: Policies, models, and mechanisms. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 137–196. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  19. 19.
    Sandhu, R.S.: Role-based access control. In: Advances in Computers, pp. 554–563 (1998)Google Scholar
  20. 20.
    Seaborne, A., Prud’hommeaux, E.: SPARQL Query Language for RDF. W3C Recommendation, W3C (January 2008),
  21. 21.
    Stephens, S.: The Enterprise Semantic Web. In: Cardoso, J., Hepp, M., Lytras, M.D. (eds.) The Semantic Web: Real-World Applications from Industry. Semantic Web and Beyond Computing for Human Experience, vol. 6, pp. 17–37. Springer (2007)Google Scholar
  22. 22.
    Udrea, O., Recupero, D.R., Subrahmanian, V.S.: Annotated RDF. ACM Trans. Comput. Logic 11(2), 1–41 (2010)MathSciNetCrossRefGoogle Scholar
  23. 23.
    Zimmermann, A., Lopes, N., Polleres, A., Straccia, U.: A General Framework for Representing, Reasoning and Querying with Annotated Semantic Web Data. J. Web Sem. 11, 72–95 (2012)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Sabrina Kirrane
    • 1
    • 2
  • Nuno Lopes
    • 1
  • Alessandra Mileo
    • 1
  • Stefan Decker
    • 1
  1. 1.Digital Enterprise Research InstituteNational University of IrelandGalwayIreland
  2. 2.Storm TechnologyIreland

Personalised recommendations