Abstract
Data provides the basis for emerging scientific and interdisciplinary data-centric applications with the potential of improving the quality of life for the citizens. However, effective data-centric applications demand data management techniques able to process a large volume of data which may include sensitive data, e.g., financial transactions, medical procedures, or personal data. Managing sensitive data requires the enforcement of privacy and access control regulations, particularly, during the execution of queries against datasets that include sensitive and non-sensitive data. In this paper, we tackle the problem of enforcing privacy regulations during query processing, and propose BOUNCER, a privacy-aware query engine over federations of RDF datasets. BOUNCER allows for the description of RDF datasets in terms of RDF molecule templates, i.e., abstract descriptions of the properties of the entities in an RDF dataset and their privacy regulations. Furthermore, BOUNCER implements query decomposition and optimization techniques able to identify query plans over RDF datasets that not only contain the relevant entities to answer a query, but that are also regulated by policies that allow for accessing these relevant entities. We empirically evaluate the effectiveness of the BOUNCER privacy-aware techniques over state-of-the-art benchmarks of RDF datasets. The observed results suggest that BOUNCER can effectively enforce access control regulations at different granularity without impacting the performance of query processing.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Predicates \(project(Di, p_{ij}, C_{ij})\), \(join\_fed(Di, p_{ij}, C_{ij})\) and \(join\_local(Di, p_{ij}, C_{ij})\) are part of T for all properties in triple patterns in Q that can be answered by Di.
- 2.
For readability, \(\text {UNION}_{di\in SD+i}\) represents SPARQL UNION operator.
- 3.
SERVICE corresponds to the SPARQL SERVICE clause.
- 4.
DJOIN- is a dependent JOIN [14].
References
Acosta, M., Vidal, M.-E., Lampo, T., Castillo, J., Ruckhaus, E.: ANAPSID: an adaptive query processing engine for SPARQL endpoints. In: Aroyo, L., et al. (eds.) ISWC 2011. LNCS, vol. 7031, pp. 18–34. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25073-6_2
Amini, M., Jalili, R.: Multi-level authorisation model and framework for distributed semantic-aware environments. IET Inf. Secur. 4(4), 301–321 (2010)
Bater, J., Elliott, G., Eggen, C., Goel, S., Kho, A., Rogers, J.: SMCQL: secure querying for federated databases. Proc. VLDB Endow. 10(6), 673–684 (2017)
Bonatti, P.A., Olmedilla, D.: Rule-based policy representation and reasoning for the semantic web. In: Antoniou, G., et al. (eds.) Reasoning Web 2007. LNCS, vol. 4636, pp. 240–268. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74615-7_4
Costabello, L., Villata, S., Gandon, F.: Context-aware access control for RDF graph stores. In: ECAI-20th European Conference on Artificial Intelligence (2012)
De Capitani, S., di Vimercati, S., Foresti, S., Jajodia, S.P., Samarati, P.: Authorization enforcement in distributed query evaluation. JCS 19(4), 751–794 (2011)
Endris, K.M., Galkin, M., Lytra, I., Mami, M.N., Vidal, M.-E., Auer, S.: MULDER: querying the linked data web by bridging RDF molecule templates. In: Benslimane, D., Damiani, E., Grosky, W.I., Hameurlain, A., Sheth, A., Wagner, R.R. (eds.) DEXA 2017. LNCS, vol. 10438, pp. 3–18. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-64468-4_1
Khan, Y., et al.: SAFE: SPARQL federation over RDF data cubes with access control. J. Biomed. Semant. 8(1) (2017)
Kirrane, S., Abdelrahman, A., Mileo, A., Decker, S.: Secure manipulation of linked data. In: Alani, H., et al. (eds.) ISWC 2013. LNCS, vol. 8218, pp. 248–263. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-41335-3_16
Kost, M., Freytag, J.-C.: SWRL-based access policies for linked data (2010)
Schwarte, A., Haase, P., Hose, K., Schenkel, R., Schmidt, M.: FedX: optimization techniques for federated query processing on linked data. In: Aroyo, L., et al. (eds.) ISWC 2011. LNCS, vol. 7031, pp. 601–616. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25073-6_38
Unbehauen, J., Frommhold, M., Martin, M.: Enforcing scalable authorization on SPARQL queries. In: SEMANTiCS (Posters, Demos, SuCCESS) (2016)
Vidal, M.-E., Ruckhaus, E., Lampo, T., Martínez, A., Sierra, J., Polleres, A.: Efficiently joining group patterns in SPARQL queries. In: Aroyo, L., et al. (eds.) ESWC 2010. LNCS, vol. 6088, pp. 228–242. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13486-9_16
Zadorozhny, V., Raschid, L., Vidal, M., Urhan, T., Bright, L.: Efficient evaluation of queries in a mediator for websources. In: ACM SIGMOD (2002)
Acknowledgements
This work has been funded by the EU H2020 RIA under the Marie Skłodowska-Curie grant agreement No. 642795 (WDAqua) and EU H2020 Programme for the project No. 727658 (IASIS).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Endris, K.M., Almhithawi, Z., Lytra, I., Vidal, ME., Auer, S. (2018). BOUNCER: Privacy-Aware Query Processing over Federations of RDF Datasets. In: Hartmann, S., Ma, H., Hameurlain, A., Pernul, G., Wagner, R. (eds) Database and Expert Systems Applications. DEXA 2018. Lecture Notes in Computer Science(), vol 11029. Springer, Cham. https://doi.org/10.1007/978-3-319-98809-2_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-98809-2_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-98808-5
Online ISBN: 978-3-319-98809-2
eBook Packages: Computer ScienceComputer Science (R0)