Control de acceso basado en roles para RDF =Role based access control for RDF

Abstract

n order to control the access to the information available on the Semantic Web, different access control mechanisms have been proposed. As RDF is the standard format for publishing data on the Semantic Web, some of these mechanisms are able to enforce access restrictions on the granularity level of triples. However, there exists the need for a finergrained access control that manages the access to the subject, predicate and object of the triples, since there exist information requests that could be satisfied with only a part of a triple, while still prohibiting the access to sensible data. The purpose of this thesis is to formalize an access control policy model for RDF data, for which the smallest unit of protection are the parts of a triple, this is, its subject, predicate and object. First, we present the syntax and semantics of our policies, which are based on permissions. A permission consists of two parts: an APPLY statement that specifies the parts of the triples managed by the permission and a query SELECT -WHERE that determines the triples to which the permission applies. The set of allowed and forbidden permissions will respectively grant or deny access to data. In case of conflict deny overwrites an allow permission. Then, we study under what conditions the leaks of hidden information are possible for our policies. We found that our policies are consistent, which means that the answers of a series of queries, performed on a graph, cannot be combined to safely obtain triples that are hidden. After that, we propose an algorithm to enforce the policies defined with our model, in which the process of computing the answers to queries is divided in three parts: obtaining for each triple the permissions that apply on it, anonymizing the graph according to the permissions, and performing the queries over the anonymized graph. The analysis of the running time shows that enforcing a policy is done in polynomial time over the size of the graph under data complexity, and the space analysis shows that the maximum space that will be used to store one anonymized graph for each role is twice the size of the original graph. Finally, considering these results and the fact that RDF graphs can be large enough that storing multiple copies of the same information becomes infeasible for multiple roles, we propose an algorithm that can store the anonymized data in a more compact way. Our time cost analysis concludes that enforcing the policies for multiple roles is still done in polynomial time over the size of the graph, even though it is slightly more inefficient than the first algorithm. It shows too that the maximum space that will be used to store the anonymized data is independent from the number of roles, and it is eight times the size of the original graph.