%0 Conference Proceedings
%T Inference Leakage Detection for Authorization Policies over RDF Data
%+ Base de Données (BD)
%A Sayah, Tarek
%A Coquery, Emmanuel
%A Thion, Romuald
%A Hacid, Mohand-Said
%Z Part 8: Information Flow and Inference
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 29th IFIP Annual Conference on Data and Applications Security and Privacy (DBSEC)
%C Fairfax, VA, United States
%Y Pierangela Samarati
%I Springer International Publishing
%3 Data and Applications Security and Privacy XXIX
%V LNCS-9149
%P 346-361
%8 2015-07-13
%D 2015
%R 10.1007/978-3-319-20810-7_24
%K Semantic reasoning
%K Inference leakage
%K Authorization
%Z Computer Science [cs]Conference papers
%X The Semantic Web technologies include entailment regimes that produce new RDF data from existing ones. In the presence of access control, once a user has legitimately received the answer of a query, she/he can derive new data entailed from the answer that should have been forbidden if carried out inside of the RDF store. In this paper, we define a fine-grained authorization model for which it is possible to check in advance whether such a problem will arise. To this end, we provide a static analysis algorithm which can be used at the time of writing the authorization policy and does not require access to the data. We illustrate the expressiveness of the access control model with several conflict resolution strategies including most specific takes precedence as well as the applicability of the algorithm for diagnosis purposes.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01745813/document
%2 https://inria.hal.science/hal-01745813/file/340025_1_En_24_Chapter.pdf
%L hal-01745813
%U https://inria.hal.science/hal-01745813
%~ CNRS
%~ UNIV-LYON1
%~ UNIV-LYON2
%~ INSA-LYON
%~ EC-LYON
%~ LIRIS
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ LABEXIMU
%~ IFIP-LNCS-9149
%~ INSA-GROUPE
%~ UDL
%~ UNIV-LYON