Abstract
A large number of emerging services expose their data using various Application Programming Interfaces (APIs). Consuming and fusing data form various providers is a challenging task, since separate client implementation is usually required for each API. The Semantic Web provides a set of standards and mechanisms for unifying data representation on the Web, as well as means of uniform access via its query language – SPARQL. However, the lack of data protection mechanisms for the SPARQL query language and its HTTP-based data access protocol might be the main reason why it is not widely accepted as a data exchange and linking mechanism. This paper presents an authorization proxy that solves this problem using query interception and rewriting. For a given client, it solely returns the permitted data for the requested query, defined via a flexible policy language that combines the RDF and SPARQL standards for policy definition.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
The query can be obtained from a request parameter or header, which is configurable in this system.
- 9.
The explanation can be turned on/off, and header name can also changed using the proxy’s configuration.
- 10.
Jena ARQ algebra transformer http://bit.ly/2rgvvLw.
- 11.
Two quad pattern are matched if all of their element match, which is the case when at least one of those elements is a variable, or when they are same.
- 12.
Here hq[i] denotes the i-th element of the policy’s p:head_quad.
- 13.
- 14.
The Listings 4.8 and 4.7 omit the quad’s graph element for simplicity.
References
Abel, F., De Coi, J.L., Henze, N., Koesling, A.W., Krause, D., Olmedilla, D.: Enabling advanced and context-dependent access control in RDF stores. In: Aberer, K., et al. (eds.) ASWC/ISWC -2007. LNCS, vol. 4825, pp. 1–14. Springer, Heidelberg (2007). doi:10.1007/978-3-540-76298-0_1
Chen, W., Stuckenschmidt, H.: A model-driven approach to enable access control for ontologies. Wirtschaftsinformatik 1, 663–672 (2009)
Dietzold, S., Auer, S.: Access control on RDF triple stores from a semantic wiki perspective. In: ESWC Workshop on Scripting for the Semantic Web, Citeseer (2006)
Flouris, G., Fundulaki, I., Michou, M., Antoniou, G.: Controlling access to RDF graphs. In: Berre, A.J., Gómez-Pérez, A., Tutschku, K., Fensel, D. (eds.) FIS 2010. LNCS, vol. 6369, pp. 107–117. Springer, Heidelberg (2010). doi:10.1007/978-3-642-15877-3_12
Franzoni, S., Mazzoleni, P., Valtolina, S., Bertino, E.: Towards a fine-grained access control model and mechanisms for semantic databases. In: IEEE International Conference on Web Services (ICWS 2007), pp. 993–1000. IEEE (2007)
Godik, S., Anderson, A., Parducci, B., Humenn, P., Vajjhala, S.: Oasis extensible access control 2 markup language (xacml), vol. 3. Technical report, OASIS (2002)
Gutierrez, F.: Pro Spring Boot. Springer, Heidelberg (2016)
Heath, T., Bizer, C.: Linked data: evolving the web into a global data space. Synth. Lect. Semant. Web Theor. Technol. 1(1), 1–136 (2011)
Hollenbach, J., Presbrey, J., Berners-Lee, T.: Using rdf metadata to enable access control on the social semantic web. In: Proceedings of the Workshop on Collaborative Construction, Management and Linking of Structured Knowledge (CK 2009), vol. 514 (2009)
Kirrane, S.: Linked data with access control. Ph.D. thesis (2015)
Lopes, N., Kirrane, S., Zimmermann, A., Polleres, A., Mileo, A.: A logic programming approach for acess control over RDF. Ph.D. thesis (2012)
Muhleisen, H., Kost, M., Freytag, J.-C.: SWRL-based access policies for linked data. In: Procs of SPOT, vol. 80 (2010)
Oulmakhzoune, S., Cuppens-Boulahia, N., Cuppens, F., Morucci, S.: fQuery: SPARQL query rewriting to enforce data confidentiality. In: Foresti, S., Jajodia, S. (eds.) DBSec 2010. LNCS, vol. 6166, pp. 146–161. Springer, Heidelberg (2010). doi:10.1007/978-3-642-13739-6_10
Padia, A., Finin, T., Joshi, A.: Attribute-based fine grained access control for triple stores. In: 14th International Semantic Web Conference (2015)
Scarioni, C.: Pro Spring Security. Apress, Berkeley (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Stojanov, R., Jovanovik, M. (2017). Authorization Proxy for SPARQL Endpoints. In: Trajanov, D., Bakeva, V. (eds) ICT Innovations 2017. ICT Innovations 2017. Communications in Computer and Information Science, vol 778. Springer, Cham. https://doi.org/10.1007/978-3-319-67597-8_20
Download citation
DOI: https://doi.org/10.1007/978-3-319-67597-8_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67596-1
Online ISBN: 978-3-319-67597-8
eBook Packages: Computer ScienceComputer Science (R0)