Abstract
The Semantic Web gives users and applications the ability to access and retrieve decentralized resources which may be stored in triplestores. This paper describes a simple identification protocol dedicated to triplestores which is universal and appropriate for the distributed environment. We propose a mechanism based on the HTTP standard, extended with OAuth Protocol and Semantic Web ontology. One can optionally adopt Transport Layer Security protocol. We present a scalable method that allows user authentication and authorization to triplestores with data integrity and confidentiality. The identification mechanism enables users to access triplestore data without disclosing authentication and authorization data.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Prud’hommeaux, E., Seaborne, A.: SPARQL Query Language for RDF, World Wide Web Consortium (2008)
Schenk, S., Gearon P., Passant A.: SPARQL 1.1 Update, World Wide Web Consortium (2010)
Klyne, G., Carroll, J.J.: Resource Description Framework (RDF): Concepts and Abstract Syntax. World Wide Web Consortium (2004)
Carroll, J.J., Bizer, C., Hayes, P., Stickler, P.: Named graphs, provenance and trust. In: 14th International Conference on World Wide Web. ACM, New York (2005)
Hammer-Lahav, E.: The OAuth 1.0 Protocol. Internet Engineering Task Force (2010)
Mykletun, E., Narasimha, M., Tsudik, G.: Authentication and integrity in outsourced databases. ACM Transactions on Storage (2006)
Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: Special Interest Group on Management Of Data. ACM, New York (2006)
Bertino, E., Haas, L.M.: Views and security in distributed database management systems. In: Schmidt, J.W., Missikoff, M., Ceri, S. (eds.) EDBT 1988. LNCS, vol. 303, Springer, Heidelberg (1988)
Ahn, G., Sandhu, R.: Role-based authorization constraints specification. ACM Transactions on Information and System Security, TISSEC (2000)
Hacigümüş, H., Iyer, B., Li, C., Mehrotra, S.: Efficient execution of aggregation queries over encrypted relational databases. Database systems for Advanced Applications (2004)
Paraboschi, S., Samarati, P.: Regarding access to semistructured information on the web. In: 16th IFIP TC11 Annual Working Conference on Information Security: Information Security for Global Information Infrastrukture (2000)
Bertino, E., Castano, S., Ferrari, E., Mesiti, M.: Controlled access and dissemination of XML documents. In: WIDM 1999 Proceedings of the 2nd International Workshop on Web Information and Data Management. ACM, New York (1999)
Jajodia, S., Kudo, M., Subrahmanian, V.S.: Provisional authorizations. E-commerce Security and Privacy (2001)
Recordon, D., Reed, D.: OpenID 2.0: a platform for user-centric identity management. In: The Second ACM Workshop on Digital Identity Management. ACM, New York (2006)
Kaila, P.: OAuth and OpenID 2.0. The Seminar on network security (2008)
Cantor, S., Kemp, J., Philpott, R., Maler, E.: Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0. Organization for the Advancement of Structured Information Standard (2005)
Moses, T.: eXtensible Access Control Markup Language (XACML) Version 2.0, Organization for the Advancement of Structured Information Standard (2005)
Reddivari, P., Finin, T., Joshi, A.: Policy based Access Control for a RDF Store. In: Proceedings of the Policy Management for the Web Workshop (2005)
Abel, F., Luca De Coi, J., Henze, N., Koesling, A.W., Krause, D., Olmedilla, D.: Enabling advanced and context-dependent access control in RDF stores. In: Aberer, K., Choi, K.-S., Noy, N., Allemang, D., Lee, K.-I., Nixon, L.J.B., Golbeck, J., Mika, P., Maynard, D., Mizoguchi, R., Schreiber, G., Cudré-Mauroux, P. (eds.) ASWC 2007 and ISWC 2007. LNCS, vol. 4825, pp. 1–14. Springer, Heidelberg (2007)
Kim, J., Jung, K., Park, S.: An introduction to authorization conflict problem in RDF access control. In: Lovrek, I., Howlett, R.J., Jain, L.C. (eds.) KES 2008, Part II. LNCS (LNAI), vol. 5178, pp. 583–592. Springer, Heidelberg (2008)
Jain, A., Farkas, C.: Secure resource description framework: an access control model. In: 11th ACM Symposium on Access Control Models and Technologies. ACM, New York (2006)
Golbeck, J., Parsia, B., Hendler, J.: Trust networks on the semantic web. In: Klusch, M., Omicini, A., Ossowski, S., Laamanen, H. (eds.) CIA 2003. LNCS(LNAI), vol. 2782, pp. 238–249. Springer, Heidelberg (2003)
Richardson, M., Agrawal, R., Domingos, P.: Trust management for the semantic web. In: Fensel, D., Sycara, K., Mylopoulos, J. (eds.) ISWC 2003. LNCS, vol. 2870, pp. 351–368. Springer, Heidelberg (2003)
Story, H., Harbulot, B., Jacobi, I., Jones, M.: FOAF+SSL: RESTful Authentication for the Social Web. In: European Semantic Web Conference (2009)
Gamble, M., Goble, C.: Standing on the Shoulders of the Trusted Web: Trust, Scholarship and Linked Data. In: Web Science Conference (2010)
Khare, R., Rifkin, A.: Weaving a Web of trust. World Wide Web Journal - Special issue: Web security: a matter of trust (1997)
Bizer, C., Heath, T., Berners-Lee, T.: Linked Data - The Story So Far. International Journal on Semantic Web and Information Systems (2009)
Brickley, D., Miller, L.: FOAF Vocabulary Specification 0.98. FOAF Project (2010)
Beckett, D., Berners-Lee, T.: Turtle - Terse RDF Triple Language. In: World Wide Web Consortium (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tomaszuk, D., Rybiński, H. (2011). OAuth+UAO: A Distributed Identification Mechanism for Triplestores. In: Jędrzejowicz, P., Nguyen, N.T., Hoang, K. (eds) Computational Collective Intelligence. Technologies and Applications. ICCCI 2011. Lecture Notes in Computer Science(), vol 6922. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23935-9_27
Download citation
DOI: https://doi.org/10.1007/978-3-642-23935-9_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23934-2
Online ISBN: 978-3-642-23935-9
eBook Packages: Computer ScienceComputer Science (R0)