Skip to main content
Springer Nature Link
Log in

Authorization Proxy for SPARQL Endpoints

  • Conference paper
  • First Online:
ICT Innovations 2017 (ICT Innovations 2017)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 778))

Included in the following conference series:

Abstract

A large number of emerging services expose their data using various Application Programming Interfaces (APIs). Consuming and fusing data form various providers is a challenging task, since separate client implementation is usually required for each API. The Semantic Web provides a set of standards and mechanisms for unifying data representation on the Web, as well as means of uniform access via its query language – SPARQL. However, the lack of data protection mechanisms for the SPARQL query language and its HTTP-based data access protocol might be the main reason why it is not widely accepted as a data exchange and linking mechanism. This paper presents an authorization proxy that solves this problem using query interception and rewriting. For a given client, it solely returns the permitted data for the requested query, defined via a flexible policy language that combines the RDF and SPARQL standards for policy definition.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    https://www.w3.org/TR/sparql11-protocol/.

  2. 2.

    https://www.w3.org/TR/sparql11-query/.

  3. 3.

    https://www.w3.org/TR/sparql11-federated-query/.

  4. 4.

    https://oauth.net/2/.

  5. 5.

    https://www.w3.org/wiki/WebID.

  6. 6.

    https://www.w3.org/TR/rdf-sparql-query/.

  7. 7.

    https://www.w3.org/RDF/.

  8. 8.

    The query can be obtained from a request parameter or header, which is configurable in this system.

  9. 9.

    The explanation can be turned on/off, and header name can also changed using the proxy’s configuration.

  10. 10.

    Jena ARQ algebra transformer http://bit.ly/2rgvvLw.

  11. 11.

    Two quad pattern are matched if all of their element match, which is the case when at least one of those elements is a variable, or when they are same.

  12. 12.

    Here hq[i] denotes the i-th element of the policy’s p:head_quad.

  13. 13.

    https://github.com/ristes/univ-datasets/ont/univ.owl.

  14. 14.

    The Listings 4.8 and 4.7 omit the quad’s graph element for simplicity.

References

  1. Abel, F., De Coi, J.L., Henze, N., Koesling, A.W., Krause, D., Olmedilla, D.: Enabling advanced and context-dependent access control in RDF stores. In: Aberer, K., et al. (eds.) ASWC/ISWC -2007. LNCS, vol. 4825, pp. 1–14. Springer, Heidelberg (2007). doi:10.1007/978-3-540-76298-0_1

    Chapter  Google Scholar 

  2. Chen, W., Stuckenschmidt, H.: A model-driven approach to enable access control for ontologies. Wirtschaftsinformatik 1, 663–672 (2009)

    Google Scholar 

  3. Dietzold, S., Auer, S.: Access control on RDF triple stores from a semantic wiki perspective. In: ESWC Workshop on Scripting for the Semantic Web, Citeseer (2006)

    Google Scholar 

  4. Flouris, G., Fundulaki, I., Michou, M., Antoniou, G.: Controlling access to RDF graphs. In: Berre, A.J., Gómez-Pérez, A., Tutschku, K., Fensel, D. (eds.) FIS 2010. LNCS, vol. 6369, pp. 107–117. Springer, Heidelberg (2010). doi:10.1007/978-3-642-15877-3_12

    Chapter  Google Scholar 

  5. Franzoni, S., Mazzoleni, P., Valtolina, S., Bertino, E.: Towards a fine-grained access control model and mechanisms for semantic databases. In: IEEE International Conference on Web Services (ICWS 2007), pp. 993–1000. IEEE (2007)

    Google Scholar 

  6. Godik, S., Anderson, A., Parducci, B., Humenn, P., Vajjhala, S.: Oasis extensible access control 2 markup language (xacml), vol. 3. Technical report, OASIS (2002)

    Google Scholar 

  7. Gutierrez, F.: Pro Spring Boot. Springer, Heidelberg (2016)

    Book  Google Scholar 

  8. Heath, T., Bizer, C.: Linked data: evolving the web into a global data space. Synth. Lect. Semant. Web Theor. Technol. 1(1), 1–136 (2011)

    Article  Google Scholar 

  9. Hollenbach, J., Presbrey, J., Berners-Lee, T.: Using rdf metadata to enable access control on the social semantic web. In: Proceedings of the Workshop on Collaborative Construction, Management and Linking of Structured Knowledge (CK 2009), vol. 514 (2009)

    Google Scholar 

  10. Kirrane, S.: Linked data with access control. Ph.D. thesis (2015)

    Google Scholar 

  11. Lopes, N., Kirrane, S., Zimmermann, A., Polleres, A., Mileo, A.: A logic programming approach for acess control over RDF. Ph.D. thesis (2012)

    Google Scholar 

  12. Muhleisen, H., Kost, M., Freytag, J.-C.: SWRL-based access policies for linked data. In: Procs of SPOT, vol. 80 (2010)

    Google Scholar 

  13. Oulmakhzoune, S., Cuppens-Boulahia, N., Cuppens, F., Morucci, S.: fQuery: SPARQL query rewriting to enforce data confidentiality. In: Foresti, S., Jajodia, S. (eds.) DBSec 2010. LNCS, vol. 6166, pp. 146–161. Springer, Heidelberg (2010). doi:10.1007/978-3-642-13739-6_10

    Chapter  Google Scholar 

  14. Padia, A., Finin, T., Joshi, A.: Attribute-based fine grained access control for triple stores. In: 14th International Semantic Web Conference (2015)

    Google Scholar 

  15. Scarioni, C.: Pro Spring Security. Apress, Berkeley (2013)

    Book  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Faculty of Computer Science and Engineering, Ss. Cyril and Methodius University in Skopje, Skopje, Macedonia

    Riste Stojanov & Milos Jovanovik

Authors
  1. Riste Stojanov
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Milos Jovanovik
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Riste Stojanov .

Editor information

Editors and Affiliations

  1. Computer Science and Engineering, Ss. Cyril and Methodius University, Skopje, Macedonia

    Dimitar Trajanov

  2. Computer Science and Engineering, Ss. Cyril and Methodius University , Skopje, Macedonia

    Verica Bakeva

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Stojanov, R., Jovanovik, M. (2017). Authorization Proxy for SPARQL Endpoints. In: Trajanov, D., Bakeva, V. (eds) ICT Innovations 2017. ICT Innovations 2017. Communications in Computer and Information Science, vol 778. Springer, Cham. https://doi.org/10.1007/978-3-319-67597-8_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-67597-8_20

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-67596-1

  • Online ISBN: 978-3-319-67597-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation