ABSTRACT
The Semantic Web is envisioned as the future of the current web, where the information is enriched with machine understandable semantics. According to the World Wide Web Consortium (W3C), "The Semantic Web provides a common framework that allows data to be shared and reused across application, enterprise, and community boundaries". Among the various technologies that empower Semantic Web, the most significant ones are Resource Description Framework (RDF) and SPARQL, which facilitate data integration and a means to query respectively. Although Semantic Web is elegantly and effectively equipped for data sharing and integration via RDF, lack of efficient means to securely share data pose limitations in practice. In order to make data sharing and integration pragmatic for Semantic Web, we present a query language based secure data sharing mechanism. We extend SPARQL with a new query form called SANITIZE which comprises a set of sanitization operations that are used to sanitize or mask sensitive data within an RDF graph. The sanitization operations can be further leveraged towards RDF access control and anonymization, thus enabling secure sharing of RDF data.
- S. Chaudhuri, R. Kaushik, and R. Ramamurthy. Database Access Control and Privacy: Is there a common ground? In CIDR, 2011.Google Scholar
- R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-Based Access Control Models. Computer, 29(2):38--47, February 1996. Google ScholarDigital Library
- S. Jajodia, P. Samarati, M. L. Sapino, and V. S. Subrahmanian. Flexible support for multiple access control policies. ACM Trans. Database Syst., 26(2), 2001. Google ScholarDigital Library
- M. Bishop. Introduction to Computer Security. Addison-Wesley Professional, 2004. Google ScholarDigital Library
- L. Sweeney. k-anonymity: A model for protecting privacy. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 10(05):557--570, 2002. Google ScholarDigital Library
- C. Dwork. Differential privacy. Automata, languages and programming, 2006. Google ScholarDigital Library
- Oracle. Fine-Grained Access Control for RDF Data. http://goo.gl/WJSNB.Google Scholar
- L. Kagal, T. W. Finin, and A. Joshi. A Policy Based Approach to Security for the Semantic Web. In ISWC, 2003.Google ScholarDigital Library
- T. W. Finin, A. Joshi, L. Kagal, J. Niu, R. S. Sandhu, W. H. Winsborough, and B. M. Thuraisingham. R OWL BAC: Representing Role Based Access Control in OWL. In SACMAT, 2008. Google ScholarDigital Library
- J. Hollenbach, J. Presbrey, and T. Berners-Lee. Using RDF Metadata To Enable Access Control on the Social Semantic Web. In CK2009, volume 514, 2009.Google Scholar
- B. Carminati, E. Ferrari, R. Heatherly, M. Kantarcioglu, and B. Thuraisingham. A semantic web based framework for social network access control. In SACMAT, 2009. Google ScholarDigital Library
- S. H. Garlik, A. Seaborne, and E. Prud'hommeaux. SPARQL 1.1 Query Language. http://www.w3.org/TR/sparql11-query/.Google Scholar
- O. Lassila, R. R. Swick, and World Wide Web Consortium. Resource Description Framework (RDF) Model and Syntax Specification, 1998.Google Scholar
- L. Moreau, B. Clifford, and J. Freire et. al. The Open Provenance Model core specification (v1.1). Future Generation Computer Systems (FGCS), 27, 2011. Google ScholarDigital Library
- O. Hartig and J. Zhao. Provenance Vocabulary Core Ontology Specification, 2010.Google Scholar
- J. Péerez, M. Arenas, and C. Gutierrez. Semantics and Complexity of SPARQL. In ISWC, 2006. Google ScholarDigital Library
- M. Arenas, S. Conca, and J. Pérez. Counting beyond a Yottabyte, or how SPARQL 1.1 property paths will prevent adoption of the standard. In WWW, 2012. Google ScholarDigital Library
- D. A. Schmidt. Denotational semantics: A methodology for language development. William C. Brown Publishers, Dubuque, IA, USA, 1986. Google ScholarDigital Library
- T. Cadenhead, V. Khadilkar, M. Kantarcioglu, and B. Thuraisingham. A Language for Provenance Access Control. In CODASPY. ACM, 2011. Google ScholarDigital Library
- M. Bishop, J. Cummins, S. Peisert, A. Singh, B. Bhumiratana, and D. A. Agarwal. Relationships and Data Sanitization: A Study in Scarlet. In NSPW, 2010. Google ScholarDigital Library
- R. Horne, V. Sassone, and N. Gibbins. Operational Semantics for SPARQL Update. In JIST, 2011. Google ScholarDigital Library
- T. Cadenhead, V. Khadilkar, M. Kantarcioglu, and B. Thuraisingham. Transforming Provenance using Redaction. In SACMAT, 2011. Google ScholarDigital Library
Index Terms
- Towards fine grained RDF access control
Recommendations
The RDF foundry: call for an initiative to build enhanced RDF resources for biological data integration
WIMS '11: Proceedings of the International Conference on Web Intelligence, Mining and SemanticsCurrently, the OBO Foundry plays an important role by setting guidelines to formalise the concepts within the biomedical domain. The ontologies within the OBO Foundry are usually represented in the OBO ontology language. While being human-readable, this ...
RDF, Jena, SparQL and the 'Semantic Web'
SIGUCCS '09: Proceedings of the 37th annual ACM SIGUCCS fall conference: communication and collaborationThe Resource Description Format (RDF) is used to represent information modeled as a "graph": a set of individual objects, along with a set of connections among those objects. In that role, RDF is one of the pillars of the so-called Semantic Web. This ...
REDACT: a framework for sanitizing RDF data
WWW '13 Companion: Proceedings of the 22nd International Conference on World Wide WebResource Description Framework (RDF) is the foundational data model of the Semantic Web, and is essentially designed for integration of heterogeneous data from varying sources. However, lack of security features for managing sensitive RDF data while ...
Comments