Access Control for HTTP Operations on Linked Data
نویسندگان
چکیده
Access control is a recognized open issue when interacting with RDF using HTTP methods. In literature, authentication and authorization mechanisms either introduce undesired complexity such as SPARQL and ad-hoc policy languages, or rely on basic access control lists, thus resulting in limited policy expressiveness. In this paper we show how the Shi3ld attribute-based authorization framework for SPARQL endpoints has been progressively converted to protect HTTP operations on RDF. We proceed by steps: we start by supporting the SPARQL 1.1 Graph Store Protocol, and we shift towards a SPARQL-less solution for the Linked Data Platform. We demonstrate that the resulting authorization framework provides the same functionalities of its SPARQL-based counterpart, including the adoption of Semantic Web languages only.
منابع مشابه
Context-aware access control and presentation of linked data. (Contrôle d'accès et présentation contextuelle pour le Web des données)
This thesis discusses the influence of mobile context awareness on Web of Data access from handheld devices. The work dissects this issue into three research questions: how to declaratively describe context by complying with Linked Data best practices, how to enable context-aware adaptation for Linked Data consumption, and how to protect access to RDF stores from context-aware devices. The firs...
متن کاملNetwork Working Group G. Clemm Request for Comments: 3744 Ibm Category: Standards Track
This document specifies a set of methods, headers, message bodies, properties, and reports that define Access Control extensions to the WebDAV Distributed Authoring Protocol. This protocol permits a client to read and modify access control lists that instruct a server whether to allow or deny operations upon a resource (such as HyperText Transfer Protocol (HTTP) method invocations) by a given p...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملTowards Specification and Execution of Linked Systems
We introduce the formalism of Linked Systems for specifying and executing dynamical systems that operate over ReadWrite Linked Data. Linked Systems cover user agents (components that emit HTTP requests) and servers (components that receive HTTP requests). The formalisation is inspired by automata theory and the concepts of state transition systems and state machines. For the proposed formalism ...
متن کاملData Encapsulation in Component-based Software Systems
A component-based system consists of components linked by connectors. Data can reside in components and/or in external data stores. Operations on data, such as access, update and transfer are carried out during computations performed by components. Typically, in current component models, control, computation and data are mixed up in the components, while control and data are both communicated b...
متن کامل