Securing Access to Sensitive RDF Data

Publication Date: 
Wednesday, 28 May, 2014
Published in: 
European Semantic Web Conference 2014 (ESWC2014)
V. Papakonstantinou, G. Flouris, I. Fundulaki, and H. Kondylakis.

Given the increasing amount of sensitive RDF data available on theWeb, it becomes critical to guarantee secure access to this content. The problem becomes even more challenging in the presence of RDFS inference, where inferred knowledge needs to be protected in the same way as explicit one. State of the art models for RDF access control annotate triples with concrete values that denote whether a triple can be accessed or not. In such approaches, the computation of the corresponding values
for the inferred triples is hard-coded; this creates several problems in the presence of updates in the data, or, most importantly, when the access control policies change. We answer the above challenges by proposing an abstract model where the access labels are abstract tokens, and the computation of inferred labels is modelled through abstract operators. We demonstrate our model through the HACEA (Health Access Control Enforcement Application) that provides simple access control/privacy functionalities in the context of a medical use case.

PDF icon eswc2014pd_submission_14.pdf456.68 KB
PDF icon Poster_Flouris.pdf284.8 KB