Inference Leakage Detection for Authorization Policies over RDF Data - Data and Applications Security and Privacy XXIX
Conference Papers Year : 2015

Inference Leakage Detection for Authorization Policies over RDF Data

Tarek Sayah
Emmanuel Coquery
Romuald Thion
Mohand-Said Hacid

Abstract

The Semantic Web technologies include entailment regimes that produce new RDF data from existing ones. In the presence of access control, once a user has legitimately received the answer of a query, she/he can derive new data entailed from the answer that should have been forbidden if carried out inside of the RDF store. In this paper, we define a fine-grained authorization model for which it is possible to check in advance whether such a problem will arise. To this end, we provide a static analysis algorithm which can be used at the time of writing the authorization policy and does not require access to the data. We illustrate the expressiveness of the access control model with several conflict resolution strategies including most specific takes precedence as well as the applicability of the algorithm for diagnosis purposes.
Fichier principal
Vignette du fichier
340025_1_En_24_Chapter.pdf (525.67 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01745813 , version 1 (28-03-2018)

Licence

Identifiers

Cite

Tarek Sayah, Emmanuel Coquery, Romuald Thion, Mohand-Said Hacid. Inference Leakage Detection for Authorization Policies over RDF Data. 29th IFIP Annual Conference on Data and Applications Security and Privacy (DBSEC), Jul 2015, Fairfax, VA, United States. pp.346-361, ⟨10.1007/978-3-319-20810-7_24⟩. ⟨hal-01745813⟩
416 View
172 Download

Altmetric

Share

More