research-article

Towards fine grained RDF access control

Authors:

Jyothsna Rachapalli,

Vaibhav Khadilkar,

Murat Kantarcioglu,

Bhavani ThuraisinghamAuthors Info & Claims

SACMAT '14: Proceedings of the 19th ACM symposium on Access control models and technologies

Pages 165 - 176

https://doi.org/10.1145/2613087.2613092

Published: 25 June 2014 Publication History

Abstract

The Semantic Web is envisioned as the future of the current web, where the information is enriched with machine understandable semantics. According to the World Wide Web Consortium (W3C), "The Semantic Web provides a common framework that allows data to be shared and reused across application, enterprise, and community boundaries". Among the various technologies that empower Semantic Web, the most significant ones are Resource Description Framework (RDF) and SPARQL, which facilitate data integration and a means to query respectively. Although Semantic Web is elegantly and effectively equipped for data sharing and integration via RDF, lack of efficient means to securely share data pose limitations in practice. In order to make data sharing and integration pragmatic for Semantic Web, we present a query language based secure data sharing mechanism. We extend SPARQL with a new query form called SANITIZE which comprises a set of sanitization operations that are used to sanitize or mask sensitive data within an RDF graph. The sanitization operations can be further leveraged towards RDF access control and anonymization, thus enabling secure sharing of RDF data.

References

[1]

S. Chaudhuri, R. Kaushik, and R. Ramamurthy. Database Access Control and Privacy: Is there a common ground? In CIDR, 2011.

[2]

R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-Based Access Control Models. Computer, 29(2):38--47, February 1996.

Digital Library

[3]

S. Jajodia, P. Samarati, M. L. Sapino, and V. S. Subrahmanian. Flexible support for multiple access control policies. ACM Trans. Database Syst., 26(2), 2001.

Digital Library

[4]

M. Bishop. Introduction to Computer Security. Addison-Wesley Professional, 2004.

Digital Library

[5]

L. Sweeney. k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(05):557--570, 2002.

Digital Library

[6]

C. Dwork. Differential privacy. Automata, languages and programming, 2006.

Digital Library

[7]

Oracle. Fine-Grained Access Control for RDF Data. http://goo.gl/WJSNB.

[8]

L. Kagal, T. W. Finin, and A. Joshi. A Policy Based Approach to Security for the Semantic Web. In ISWC, 2003.

Digital Library

[9]

T. W. Finin, A. Joshi, L. Kagal, J. Niu, R. S. Sandhu, W. H. Winsborough, and B. M. Thuraisingham. R OWL BAC: Representing Role Based Access Control in OWL. In SACMAT, 2008.

Digital Library

[10]

J. Hollenbach, J. Presbrey, and T. Berners-Lee. Using RDF Metadata To Enable Access Control on the Social Semantic Web. In CK2009, volume 514, 2009.

[11]

B. Carminati, E. Ferrari, R. Heatherly, M. Kantarcioglu, and B. Thuraisingham. A semantic web based framework for social network access control. In SACMAT, 2009.

Digital Library

[12]

S. H. Garlik, A. Seaborne, and E. Prud'hommeaux. SPARQL 1.1 Query Language. http://www.w3.org/TR/sparql11-query/.

[13]

O. Lassila, R. R. Swick, and World Wide Web Consortium. Resource Description Framework (RDF) Model and Syntax Specification, 1998.

[14]

L. Moreau, B. Clifford, and J. Freire et. al. The Open Provenance Model core specification (v1.1). Future Generation Computer Systems (FGCS), 27, 2011.

Digital Library

[15]

O. Hartig and J. Zhao. Provenance Vocabulary Core Ontology Specification, 2010.

[16]

J. Péerez, M. Arenas, and C. Gutierrez. Semantics and Complexity of SPARQL. In ISWC, 2006.

Digital Library

[17]

M. Arenas, S. Conca, and J. Pérez. Counting beyond a Yottabyte, or how SPARQL 1.1 property paths will prevent adoption of the standard. In WWW, 2012.

Digital Library

[18]

D. A. Schmidt. Denotational semantics: A methodology for language development. William C. Brown Publishers, Dubuque, IA, USA, 1986.

Digital Library

[19]

T. Cadenhead, V. Khadilkar, M. Kantarcioglu, and B. Thuraisingham. A Language for Provenance Access Control. In CODASPY. ACM, 2011.

Digital Library

[20]

M. Bishop, J. Cummins, S. Peisert, A. Singh, B. Bhumiratana, and D. A. Agarwal. Relationships and Data Sanitization: A Study in Scarlet. In NSPW, 2010.

Digital Library

[21]

R. Horne, V. Sassone, and N. Gibbins. Operational Semantics for SPARQL Update. In JIST, 2011.

Digital Library

[22]

T. Cadenhead, V. Khadilkar, M. Kantarcioglu, and B. Thuraisingham. Transforming Provenance using Redaction. In SACMAT, 2011.

Digital Library

Cited By

Padmaja KSeshadri R(2019)Analytics on real time security attacks in healthcare, retail and banking applications in the cloudEvolutionary Intelligence10.1007/s12065-019-00337-zOnline publication date: 18-Dec-2019
https://doi.org/10.1007/s12065-019-00337-z
Lin ZTripunitara MAhn GPretschner AGhinita G(2017)Graph Automorphism-Based, Semantics-Preserving Security for the Resource Description Framework (RDF)Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy10.1145/3029806.3029827(337-348)Online publication date: 22-Mar-2017
https://dl.acm.org/doi/10.1145/3029806.3029827
Sayah TCoquery EThion RHacid M(2015)Inference Leakage Detection for Authorization Policies over RDF DataData and Applications Security and Privacy XXIX10.1007/978-3-319-20810-7_24(346-361)Online publication date: 23-Jun-2015
https://doi.org/10.1007/978-3-319-20810-7_24
Show More Cited By

Index Terms

Towards fine grained RDF access control
1. Security and privacy
  1. Security services
    1. Access control
  2. Systems security
    1. Operating systems security
2. Software and its engineering
  1. Software notations and tools
    1. General programming languages
      1. Language features
        Data types and structures

Recommendations

REDACT: a framework for sanitizing RDF data
WWW '13 Companion: Proceedings of the 22nd International Conference on World Wide Web

Resource Description Framework (RDF) is the foundational data model of the Semantic Web, and is essentially designed for integration of heterogeneous data from varying sources. However, lack of security features for managing sensitive RDF data while ...
RDF-X: a language for sanitizing RDF graphs
WWW '14 Companion: Proceedings of the 23rd International Conference on World Wide Web

With the advent of Semantic Web and Resource Description Framework (RDF), the web is likely to witness an unprecedented wealth of knowledge, resulting from seamless integration of various data sources. Data integration is one of the key features of RDF, ...
The RDF foundry: call for an initiative to build enhanced RDF resources for biological data integration
WIMS '11: Proceedings of the International Conference on Web Intelligence, Mining and Semantics

Currently, the OBO Foundry plays an important role by setting guidelines to formalise the concepts within the biomedical domain. The ontologies within the OBO Foundry are usually represented in the OBO ontology language. While being human-readable, this ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SACMAT '14: Proceedings of the 19th ACM symposium on Access control models and technologies

June 2014

234 pages

ISBN:9781450329392

DOI:10.1145/2613087

General Chair:
Sylvia Osborn
University of Western Ontario, Canada
,
Program Chairs:
Mahesh V. Tripunitara
University of Waterloo, Canada
,
Ian M. Molloy
IBM Research, USA

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 June 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

SACMAT '14

Sponsor:

SIGSAC

SACMAT '14: 19th ACM Symposium on Access Control Models and Technologies

June 25 - 27, 2014

Ontario, London, Canada

Acceptance Rates

SACMAT '14 Paper Acceptance Rate 17 of 58 submissions, 29%;

Overall Acceptance Rate 177 of 597 submissions, 30%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
196
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 30 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Padmaja KSeshadri R(2019)Analytics on real time security attacks in healthcare, retail and banking applications in the cloudEvolutionary Intelligence10.1007/s12065-019-00337-zOnline publication date: 18-Dec-2019
https://doi.org/10.1007/s12065-019-00337-z
Lin ZTripunitara MAhn GPretschner AGhinita G(2017)Graph Automorphism-Based, Semantics-Preserving Security for the Resource Description Framework (RDF)Proceedings of the Seventh ACM on Conference on Data and Application Security and Privacy10.1145/3029806.3029827(337-348)Online publication date: 22-Mar-2017
https://dl.acm.org/doi/10.1145/3029806.3029827
Sayah TCoquery EThion RHacid M(2015)Inference Leakage Detection for Authorization Policies over RDF DataData and Applications Security and Privacy XXIX10.1007/978-3-319-20810-7_24(346-361)Online publication date: 23-Jun-2015
https://doi.org/10.1007/978-3-319-20810-7_24
Rachapalli JKhadilkar VKantarcioglu MThuraisingham BOsborn STripunitara MMolloy I(2014)Redaction based RDF access control languageProceedings of the 19th ACM symposium on Access control models and technologies10.1145/2613087.2613108(177-180)Online publication date: 25-Jun-2014
https://dl.acm.org/doi/10.1145/2613087.2613108

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents