Selective disclosure and inference leakage problem in the Linked Data

Tarek Sayah 1, 2
2 BD - Base de Données
LIRIS - Laboratoire d'InfoRmatique en Image et Systèmes d'information
Abstract : The emergence of the Semantic Web has led to a rapid adoption of RDF (Resource Description Framework) to describe data and the links between them. The RDF graph model is tailored for the representation of semantic relations between Web objects that are identified by IRIs (Internationalized Resource Identifiers). The applications that publish and exchange potentially sensitive RDF data are increasing in many areas: bioinformatics, e-government, open data movement. The problem of controlling access to RDF content and selective exposure of information based on the privileges of the requester becomes increasingly important. Our main objective is to encourage businesses and organizations worldwide to publish their RDF data into the linked data global space. Indeed, the published data may be sensitive, and consequently, data providers may avoid releasing their information unless they are certain that the desired access rights of the different accessing entities are properly enforced on their data. Hence the issue of securing RDF content and ensuring the selective disclosure of information to different classes of users is becoming all the more important. In this thesis, we focused on the design of a relevant access control for RDF data. The problem of providing access controls to RDF data has attracted considerable attention from both the security and the database communities in recent years. New issues are raised by the introduction of deduction mechanisms for RDF data (e.g., RDF/S, OWL), including the inference leakage problem. Indeed, when an owner wishes to prohibit access to information, she/he must also ensure that the information that is supposed to be secret cannot be inferred through inference mechanisms on RDF data. In this PhD thesis we propose a fine-grained access control model for RDF data. We illustrate the expressiveness of the access control model with several conflict resolution strategies, including most specific takes precedence.
To tackle the inference leakage problem, we propose a static verification algorithm and show that it is possible to check in advance whether such a problem will arise. Moreover, we show how to use the answer of the algorithm for diagnosis purposes. To handle the subjects' privileges, we define the syntax and semantics of an XACML-inspired language based on the subjects' attributes to allow much finer access control policies. Finally, we propose a data-annotation approach to enforce our access control model, and show that our solution incurs reasonable overhead with respect to the optimal solution, which consists in materializing the user's accessible subgraph.
Document type :
Theses
Cited literature [34 references]

https://hal.archives-ouvertes.fr/tel-01364813
Contributor : Abes Star
Submitted on : Tuesday, December 6, 2016 - 2:17:07 PM
Last modification on : Wednesday, November 20, 2019 - 2:49:26 AM
Long-term archiving on : Monday, March 20, 2017 - 5:06:22 PM

File

TH2016SAYAHTAREK.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01364813, version 2

Citation

Tarek Sayah. Selective disclosure and inference leakage problem in the Linked Data. Computation and Language [cs.CL]. Université de Lyon, 2016. English. ⟨NNT : 2016LYSE1156⟩. ⟨tel-01364813v2⟩
