Browse > Article
http://dx.doi.org/10.13089/JKIISC.2008.18.2.49

Analysis of Access Authorization Conflict for Partial Information Hiding of RDF Web Document  

Kim, Jae-Hoon (Sogang University, Dept. of Computer Science and Engineering)
Park, Seog (Sogang University, Dept. of Computer Science and Engineering)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.18, no.2, 2008 , pp. 49-63 More about this Journal
Abstract
RDF is the base ontology model which is used in Semantic Web defined by W3C. OWL expands the RDF base model by providing various vocabularies for defining much more ontology relationships. Recently Jain and Farkas have suggested an RDF access control model based on RDF triple. Their research point is to introduce an authorization conflict problem by RDF inference which must be considered in RDF ontology data. Due to the problem, we cannot adopt XML access control model for RDF, although RDF is represented by XML. However, Jain and Farkas did not define the authorization propagation over the RDF upper/lower ontology concepts when an RDF authorization is specified. The reason why the authorization specification should be defined clearly is that finally, the authorizatin conflict is the problem between the authorization propagation in specifying an authorization and the authorization propagation in inferencing authorizations. In this article, first we define an RDF access authorization specification based on RDF triple in detail. Next, based on the definition, we analyze the authoriztion conflict problem by RDF inference in detail. Next, we briefly introduce a method which can quickly find an authorization conflict by using graph labeling techniques. This method is especially related with the subsumption relationship based inference. Finally, we present a comparison analysis with Jain and Farkas' study, and some experimental results showing the efficiency of the suggested conflict detection method.
Keywords
RDF data; Ontology; Inference; Access Control; Authorization Conflict;
Citations & Related Records
연도 인용수 순위
  • Reference
1 L. Qin, V. Atluri, "Concept-level Access Control for the Semantic Web", Proc. of ACM Workshop on XML Security 2003, pp. 94-103, Oct. 2003
2 S. Javanmardi, M. Amini, R. Jalili, "An Access Control Model for Protecting Semantic Web Resources", Proc. of the 2nd International Semantic Web Policy Workshop (SWPW'06), Nov. 2006
3 S. Kaushik, D. Wijesekera, P. Ammann, "Policy-based dissemination of partial web-ontologies", Proc. of the 2005 workshop on Secure web services, pp. 43-52, Nov. 2005
4 RDF Semantics, W3C Recommendation, http://www.w3.org/TR/rdf-mt/
5 OWL Web Ontology Language Overview, W3C Recommendation, http://www.w3.org/TR/owl-features/
6 E. Bertino, E. Ferrari, "Secure and selective dissemination of XML documents", ACM Transactions on Information and System Security, 5(3), pp. 290-331, 2002   DOI
7 E. Damiani, S. D. C. Vimercati, S. Paraboschi, P. Samarati, "A fine-grained access control system for XML documents", ACM Transactions on Information and System Security, 5(2), pp. 169-202, 2002   DOI
8 V. Christophides, G. Karvounarakis, D. Plexousakis, M. Scholl, S. Tourtounis, "Optimizing taxonomic semantic web queries using labeling schemes", Journal of Web Semantics, 11(1), pp. 207-228, Nov. 2003
9 A. Jain, C. Farkas, "Secure resource description framework: an access control model", Proc. of 11th ACM Symposium on Access Control Models and Technologies, pp. 121-129, June 2006
10 E. Bertino, S. Castano, E. Ferrari, M. Mesiti, "Specifying and enforcing access control policies for XML document sources", World Wide Web Journal, 3(3), pp. 139-151, 2000   DOI
11 P. Reddivari, T. Finin, A. Joshi, "Policy-Based Access Control for an RDF Store", Proc. of the Policy Management for the Web Workshop, pp. 78-83, May. 2005
12 RDF Primer, W3C Recommendation, http://www.w3.org/TR/rdf-primer/
13 G. Wu, K. Zhang, C. Liu, J. Li, "Adapting Prime Number Labeling Scheme for Directed Acyclic Graphs", DASFAA 2006, pp. 787-796, April 2006