Abstract Access Control Model for Dynamic RDF Datasets

author: Irini Fundulaki, Foundation for Research and Technology - Hellas (FORTH)
published: July 16, 2012,   recorded: June 2012,   views: 3348
Categories

Slides

Related content

Report a problem or upload files

If you have found a problem with this lecture or would like to send us extra material, articles, exercises, etc., please use our ticket system to describe your request and upload the data.
Enter your e-mail into the 'Cc' field, and we will keep you updated with your request's status.
Lecture popularity: You need to login to cast your vote.
  Delicious Bibliography

Description

Given the increasing amount of sensitive RDF data available on the Web, it becomes increasingly critical to guarantee secure access to this content. Access control is complicated when RDFS inference rules and other dependencies between access permissions of triples need to be considered; this is necessary, e.g., when we want to associate the access permissions of inferred triples with the access permissions of the ones that contributed to the implication of the former. The standard way to enforce selective access to sensitive information is using access control tags.

Unfortunately, this simple scheme is problematic in the above setting, because after every change in the dataset, or in the access control tags, one has to recompute the access permissions for the entire dataset. To address this problem, we consider abstract access control models, which use abstract tokens and operators to describe the access permission of a triple. This way, the access label of a triple is a complex expression that encodes how said label was produced. This allows us to know exactly the effects of any possible change, thereby avoiding a complete recomputation of the labels after a change. An additional side-effect of our approach is that it allows the simultaneous enforcement of different access control policies by different applications accessing the same data, as well as the easy experimentation with different policies by the same application. This is achieved using the different concretization of the access labels and operators through concrete access control policies, that are used to determine the access permissions of triples.

See Also:

Download slides icon Download slides: dataforum2012_fundulaki_rdf_datasets_01.pdf (668.4 KB)


Help icon Streaming Video Help

Link this page

Would you like to put a link to this lecture on your homepage?
Go ahead! Copy the HTML snippet !

Write your own review or comment:

make sure you have javascript enabled or clear this field: