Policy-Based Access Control for an RDF Store

No Thumbnail Available

Links to Files

https://ebiquity.umbc.edu/paper/html/id/334/Policy-Based-Access-Control-for-an-RDF-Store

Permanent Link

http://hdl.handle.net/11603/12111

Collections

UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection

Author/Creator

Author/Creator ORCID

Date

2007-01-07

Type of Work

conference papers and proceedings preprints
Text

Department

Program

Citation of Original Publication

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.

Subjects

Policy-Based
Resource Description Format (RDF)
Semantic Web
UMBC Ebiquity Research Group

Abstract

Specialized stores for RDF data are essential parts of many Semantic Web applications. Current RDF stores have primarily focused on efficiently storing and querying large volumes of data and little attention has been given other features common to many database systems, including how information can updated and maintained or access to data controlled. The problem is complicated by the fact that the addition or deletion of a simple fact (i.e., an RDF triple) are not atomic since they can trigger reasoning that can result in adding or deleting derived triples. Current access control mechanisms for RDF stores largely ignore this aspect. We describe a policy based mechanism to determine access control for an RDF store. RAP is a prototype implementation of an RDF store with integrated maintenance capabilities and access control using user defined policies. All actions to the store are routed through RAP policy engine, to determine whether the action is permitted or prohibited. In the RAP framework, the same RDF store is also used to store the policy, as well as metadata about the triples, allowing greater range in policy specification.