RDF Access Control Language


Semantic Web research aims to support intelligent data integration from heterogeneous sources and improve collaboration among web applications and services. The basic building blocks of the envisioned Semantic Web are the Extensible Markup Language (XML), Resource Description Framework (RDF), and OWL. Where XML provides a mechanism for syntactic data storage and interchange, RDF provides semantic meaning to this data. However, the security impact of the Semantic Web has not been studied sufficiently. Some of the research topics currently addressed include Web trust, XML access control models, and distributed authentications.

This research work proposes an Access Control Framework for the RDF data. Although there are several proposed access control models for data stored in XML, these models are based on XML syntax only and incapable of incorporating data semantics. Due to syntactic variances of the XML representations corresponding to the same data, access control policies developed for one representation are not applicable to a different representation. Further, RDF does have entailment, which can lead to unwanted data inferences and cause data leaks. We develop an Access Control Language that is based on the meaning (semantics) of the data rather than its syntactic representation. Our model secures RDF data by assigning Multi Level security classifications to it and also preserves the flexibility provided in RDF model. It also provides means to secure the data from illegal inferences.

* Work in progress