Query Based Access Control for Linked Data

TL;DR

This paper introduces a query rewriting algorithm for Linked Data that enforces access control on SPARQL queries, ensuring security and correctness in data sharing applications.

Contribution

It proposes a novel query rewriting method for partial data access control and adapts verification criteria to ensure policy correctness.

Findings

The algorithm effectively restricts access to SPARQL queries.

Verification criteria can confirm access control policy correctness.

Enhances security in linked data applications.

Abstract

In recent years we have seen significant advances in the technology used to both publish and consume Linked Data. However, in order to support the next generation of ebusiness applications on top of interlinked machine readable data suitable forms of access control need to be put in place. Although a number of access control models and frameworks have been put forward, very little research has been conducted into the security implications associated with granting access to partial data or the correctness of the proposed access control mechanisms. Therefore the contributions of this paper are two fold: we propose a query rewriting algorithm which can be used to partially restrict access to SPARQL 1.1 queries and updates; and we demonstrate how a set of criteria, which was originally used to verify that an access control policy holds over different database states, can be adapted to verify the correctness of access control via query rewriting.