Inference Leakage Detection for Authorization Policies over RDF Data

Tarek Sayah 1 Emmanuel Coquery 1 Romuald Thion 1 Mohand-Said Hacid 1
1 BD - Base de Données
LIRIS - Laboratoire d'InfoRmatique en Image et Systèmes d'information
Abstract : The Semantic Web technologies include entailment regimes that produce new RDF data from existing ones. In the presence of access control, once a user has legitimately received the answer of a query, she/he can derive new data entailed from the answer that should have been forbidden if carried out inside of the RDF store. In this paper, we define a fine-grained authorization model for which it is possible to check in advance whether such a problem will arise. To this end, we provide a static analysis algorithm which can be used at the time of writing the authorization policy and does not require access to the data. We illustrate the expressiveness of the access control model with several conflict resolution strategies including most specific takes precedence as well as the applicability of the algorithm for diagnosis purposes.
Document type :
Conference papers
Complete list of metadatas

Cited literature [15 references]  Display  Hide  Download

https://hal.inria.fr/hal-01745813
Contributor : Hal Ifip <>
Submitted on : Wednesday, March 28, 2018 - 3:57:10 PM
Last modification on : Thursday, February 7, 2019 - 3:05:45 PM
Long-term archiving on : Thursday, September 13, 2018 - 11:27:06 AM

File

340025_1_En_24_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Tarek Sayah, Emmanuel Coquery, Romuald Thion, Mohand-Said Hacid. Inference Leakage Detection for Authorization Policies over RDF Data. 29th IFIP Annual Conference on Data and Applications Security and Privacy (DBSEC), Jul 2015, Fairfax, VA, United States. pp.346-361, ⟨10.1007/978-3-319-20810-7_24⟩. ⟨hal-01745813⟩

Share

Metrics

Record views

359

Files downloads

108