Encyclopedia of Big Data Technologies

2019 Edition
| Editors: Sherif Sakr, Albert Y. Zomaya

Security and Privacy Aspects of Semantic Data

  • Sabrina KirraneEmail author
Reference work entry
DOI: https://doi.org/10.1007/978-3-319-77525-8_290



Access control is a mechanism used to restrict access to data or systems, based on rules that grant subjects (e.g., individuals, groups, roles) access rights to resources (e.g., data or systems) (Sandhu and Samarati 1994). Enforcement is usually broken into two stages: authentication and authorization. Authentication involves the verification the data subjects identity or attributes, whereas authorization is a mechanism used to determine if the requester (i.e., the subject) has the access rights necessary to carry out the request.

Encryption is an effective means of ensuring the confidentiality and integrity of information stored locally or transferred over a network (Menezes et al. 1996). Encryption involves the translation of data into an unintelligible form through the use of a secret key. Decryption is the process of restoring data to its original form through the use of a key (which may or may not...

This is a preview of subscription content, log in to check access.


  1. Abel F, De Coi J, Henze N, Koesling A, Krause D, Olmedilla D (2007) Enabling advanced and context-dependent access control in RDF stores. In: The semantic web. Lecture notes in computer science, vol 4825. Springer, Berlin/Heidelberg, pp 1–14.  https://doi.org/10.1007/978-3-540-76298-0_1Google Scholar
  2. Artz D, Gil Y (2007) A survey of trust in computer science and the semantic web. Web Semant Sci Serv Agents World Wide Web 5(2):58–71CrossRefGoogle Scholar
  3. Beek W, Rietveld L, Schlobach S, van Harmelen F (2016) Lod laundromat: why the semantic web needs centralization (even if we don’t like it). IEEE Internet Comput 20(2):78–81CrossRefGoogle Scholar
  4. Berners-Lee T (2000) Semantic web – xml2000. https://www.w3.org/2000/Talks/1206-xml2k-tbl/slide10-0.html. Accessed 13 Jan 2018
  5. Bizer C, Oldakowski R (2004) Using context-and content-based trust policies on the semantic web. In: Proceedings of the 13th international World Wide Web conference on alternate track papers & posters. ACM, pp 228–229Google Scholar
  6. Bonatti P, Olmedilla D (2005) Driving and monitoring provisional trust negotiation with metapolicies. In: Sixth IEEE international workshop on policies for distributed systems and networks, pp 14–23Google Scholar
  7. Bonatti PA, Olmedilla D (2007) Rule-based policy representation and reasoning for the semantic web. In: Proceedings of the third international summer school conference on reasoning web, RW’07. Springer, pp 240–268. http://dl.acm.org/citation.cfm?id=2391482.2391488
  8. Bonatti P, Kirrane S, Polleres A, Wenning R (2017) Transparent personal data processing: the road ahead. In: International conference on computer safety, reliability, and security. Springer, London/New York, pp 337–349CrossRefGoogle Scholar
  9. Brickley D, Guha R (2014) RDF schema 1.1. W3C recommendation, W3C. Available at http://www.w3.org/TR/2014/REC-rdf-schema-20140225/Overview.html
  10. Cabrio E, Aprosio AP, Villata S (2014) These are your rights a natural language processing approach to automated RDF licenses generation. In: The semantic web: trends and challenges. Springer, Cham, pp 255–269CrossRefGoogle Scholar
  11. Dietzold S, Auer S (2006) Access control on RDF triple stores from a semantic wiki perspective. In: Proceedings of the ESWC’06 workshop on scripting for the semantic webGoogle Scholar
  12. Ding L, Zhou L, Finin TW (2003) Trust based knowledge outsourcing for semantic web agents. In: Proceedings IEEE/WIC international conference on web intelligence, pp 379–387Google Scholar
  13. Ding L, Kolari P, Finin T, Joshi A, Peng Y, Yesha Y (2005) On homeland security and the semantic web: a provenance and trust aware inference framework. In: AAAI spring symposium: AI technologies for homeland security, pp 157–160Google Scholar
  14. Dwork C (2006) Differential privacy. In: Proceedings of the 33rd international conference on automata, languages and programming – volume part II, ICALP’06. Springer, Berlin/Heidelberg, pp 1–12.  https://doi.org/10.1007/11787006_1Google Scholar
  15. Fernández JD, Kirrane S, Polleres A, Steyskal S (2017) Self-enforcing access control for encrypted RDF. In: European semantic web conference. Springer, pp 607–622Google Scholar
  16. Fernandez Garcia JD, Kiesling E, Kirrane S, Neuschmid J, Mizerski N, Polleres A, Sabou M, Thurner T, Wetz P (2016) Propelling the potential of enterprise linked data in Austria. Roadmap and report. https://www.linked-data.at/wp-content/uploads/2016/12/propel_book_web.pdf
  17. Gabillon A, Letouzey L (2010) A view based access control model for sparql. In: 2010 4th international conference on network and system security (NSS), pp 105–112Google Scholar
  18. Gavriloaie R, Nejdl W, Olmedilla D, Seamons KE, Winslett M (2004) No registration needed: how to use declarative policies and negotiation to access sensitive resources on the semantic web. In: ESWS. Springer, pp 342–356Google Scholar
  19. Gerbracht S (2008) Possibilities to encrypt an RDF-graph. In: Proceeding of information and communication technologies: from theory to applications, pp 1–6Google Scholar
  20. Giereth M (2005) On partial encryption of RDF-graphs. In: Proceeding of international semantic web conference, vol 3729, pp 308–322Google Scholar
  21. Heitmann B, Hermsen F, Decker S (2017) k-RDF-neighbourhood anonymity: combining structural and attribute-based anonymisation for linked data. In: Proceedings of the 5th workshop on society, privacy and the semantic web – policy and technology (PrivOn2017) (PrivOn). http://ceur-ws.org/Vol-1951/#paper-03
  22. Iannella R, Villata S (2018) ODRL information model 2.2. W3C proposed recommendation, W3C. Available at https://www.w3.org/TR/odrl-model/
  23. Jain A, Farkas C (2006) Secure resource description framework: an access control model. In: Proceedings of the eleventh ACM symposium on access control models and technologies, SACMAT ’06. ACM, pp 121–129. http://doi.acm.org/10.1145/1133058.1133076
  24. Kasten A, Scherp A, Armknecht F, Krause M (2013) Towards search on encrypted graph data. In: Proceeding of the international conference on society, privacy and the semantic web-policy and technology, pp 46–57Google Scholar
  25. Kasten A, Scherp A, Schauß P (2014) A framework for iterative signing of graph data on the web. Springer International Publishing, Cham, pp 146–160.  https://doi.org/10.1007/978-3-319-07443-6_11.Google Scholar
  26. Kirrane S (2015) Linked data with access control. PhD thesis, INSIGHT Centre for Data Analytics, National University of Ireland, Galway. https://aran.library.nuigalway.ie/handle/10379/4903
  27. Kirrane S, Abdelrahman A, Mileo A, Decker S (2013) Secure manipulation of linked data. In: The semantic web – ISWC 2013. Lecture notes in computer science, vol 8218. Springer, Berlin/Heidelberg, pp 248–263.  https://doi.org/10.1007/978-3-642-41335-3_16CrossRefGoogle Scholar
  28. Kirrane S, Mileo A, Decker S (2017) Access control and the resource description framework: a survey. Semant Web 8(2):311–352. http://www.semantic-web-journal.net/system/files/swj1280.pdfCrossRefGoogle Scholar
  29. Laufer C, Schwabe D (2017) On modeling political systems to support the trust process. In: Proceedings of the 5th workshop on society, privacy and the semantic web – policy and technology (PrivOn2017) (PrivOn). http://ceur-ws.org/Vol-1951/#paper-07
  30. Li N, Li T, Venkatasubramanian S (2007) t-closeness: privacy beyond k-anonymity and l-diversity. In: IEEE 23rd international conference on data engineering, ICDE 2007. IEEE, pp 106–115Google Scholar
  31. Lin Z (2016) From isomorphism-based security for graphs to semantics-preserving security for the resource description framework (RDF). Master’s thesis, University of WaterlooGoogle Scholar
  32. Machanavajjhala A, Gehrke J, Kifer D, Venkitasubramaniam M (2006) l-diversity: privacy beyond k-anonymity. In: Proceedings of the 22nd international conference on data engineering, ICDE’06. IEEE, pp 24–24Google Scholar
  33. Manola F, Miller E (2004) RDF primer. W3C recommendation, W3C. Available at http://www.w3.org/TR/rdf-primer/
  34. Menezes AJ, Van Oorschot PC, Vanstone SA (1996) Handbook of applied cryptography. CRC press, Boca RatonzbMATHCrossRefGoogle Scholar
  35. Radulovic F, García Castro R, Gómez-Pérez A (2015) Towards the anonymisation of RDF data.  https://doi.org/10.18293/SEKE2015-167
  36. Reddivari P, Finin T, Joshi A (2005) Policy-based access control for an RDF store. In: Proceedings of the policy management for the web workshop, pp 78–83Google Scholar
  37. Sacco O, Passant A (2011) A privacy preference ontology (PPO) for linked data. In: Linked data on the web, CEUR-WS. http://ceur-ws.org/Vol-813/ldow2011-paper01.pdfGoogle Scholar
  38. Samarati P, Sweeney L (1998) Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression. Technical report, SRI InternationalGoogle Scholar
  39. Sandhu RS, Samarati P (1994) Access control: principle and practice. IEEE Commun Mag 32(9):40–48CrossRefGoogle Scholar
  40. Seaborne A, Prud’hommeaux E (2008) SPARQL query language for RDF. W3C recommendation, W3C. Available at http://www.w3.org/TR/rdf-sparql-query/
  41. Silva RRC, Leal BC, Brito FT, Vidal VMP, Machado JC (2017) A differentially private approach for querying RDF data of social networks. In: Proceedings of the 21st international database engineering & applications symposium, IDEAS 2017. ACM, New York, pp 74–81. http://doi.acm.org/10.1145/3105831.3105838CrossRefGoogle Scholar
  42. Sporny M, Inkster T, Story H, Harbulot B, Bachmann-Gmr R (2011) WebID 1.0 – web identification and discovery. W3C working draft, W3C. Available at http://www.w3.org/2005/Incubator/webid/spec/
  43. Steyskal S, Kirrane S (2015) If you can’t enforce it, contract it: enforceability in policy-driven (linked) data markets. In: SEMANTiCS (posters & demos), pp 63–66Google Scholar
  44. Steyskal S, Polleres A (2014) Defining expressive access policies for linked data using the odrl ontology 2.0. In: Proceedings of the 10th international conference on semantic systems. ACM, pp 20–23Google Scholar
  45. Villata S, Delaforge N, Gandon F, Gyrard A (2011) An access control model for linked data. In: On the move to meaningful internet systems: OTM 2011 workshops, pp 454–463CrossRefGoogle Scholar
  46. W3C (n.d.) Webaccesscontrol. Available at https://www.w3.org/wiki/WebAccessControl. Accessed 13 Jan 2018

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Vienna University of Economics and BusinessViennaAustria