Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
Context-Aware Access Control   for RDF Graph Stores!                                      SELECT … !                      ...
SPARQL	         T	  Berners-­‐Lee,	  et	  al.	  On	  Integra8on	  Issues	  of	  Site-­‐Specific	  APIs	  into	  the	  Web	 ...
Background and SHI3LD Key Features!     WAC [Berners-Lee], [Toninelli et al, ISWC-2006], !     [Abel et al, ISWC-2007], [F...
How it Works – Initial Setup!●  Named Graph Partitioning!●  Access Policy Definition!  !S4AC & PRISSMA Vocabularies!       ...
SHI3LD Vocabularies!                       5	  
Example of Access Conditions!ASK {?resource dcterms:creator ?provider .! ARE	  YOU	  A	  FRIEND	  OF	  	  ?provider rel:ha...
Example of Access Conditions!ASK {?resource dcterms:creator ?provider .!              ARE	  YOU	  A	  MEMBER	  OF	  	     ...
Example of Access Conditions!ASK {?context a prissma:Context;!              prissma:environment ?env.!     ?env tl:start "...
Sample Access Policy!                        Protected named graph                            Conditions                  ...
How it Works!1.  Query Contextualization ! !!    INSERT DATA { !                SELECT … !    GRAPH :ctx1{!    [!    ,!   ...
Example of User Context!:sampleCtx a prissma:Context;!   !prissma:user :sampleUsr; !   !prissma:device :sampleDev;!    pri...
How it Works!2.  Access Policy Evaluation!  ASK {?context !            a prissma:Context; !            prissma:environment...
How it Works!3.  Query Execution on !   accessible Named Graphs!                               :ng1 !   :ng2 !            ...
Response Time Evaluation!RDF	  store	  and	  SPARQL	  1.1.	  engine:	  Corese-­‐KGRAM	  with	  Berlin	  SPARQL	  Benchmark...
Future Work!                                             Privacy!           Context data                                  ...
Nächste SlideShare
Wird geladen in …5
×

Context-Aware Access Control for RDF Graph Stores

ECAI 2012 presentation

  • Loggen Sie sich ein, um Kommentare anzuzeigen.

Context-Aware Access Control for RDF Graph Stores

  1. 1. Context-Aware Access Control for RDF Graph Stores! SELECT … ! WHERE {…}!Luca  Costabello,  Serena  Villata,  Fabien  Gandon  
  2. 2. SPARQL   T  Berners-­‐Lee,  et  al.  On  Integra8on  Issues  of  Site-­‐Specific  APIs  into  the  Web  of  Data,  DERI  Tech.Rep.  2009  2007 2009 2011
  3. 3. Background and SHI3LD Key Features! WAC [Berners-Lee], [Toninelli et al, ISWC-2006], ! [Abel et al, ISWC-2007], [Finin et al.,SACMAT-2008], ! [Flouris et al., FIS-2010], [Sacco and Passant, LDOW-2011]
 Semantic Web Pluggable to languages only! any RDF store! > No new Policy languages! > SPARQL 1.1! Granularity from Mobile context in triples to whole graphs! the loop! > Named Graphs! > Context Awareness! [Carroll  et  al,  WWW2005]   [Schilit  and  Theimer,  94]     RDF  1.1   [Dey,  01]   3  
  4. 4. How it Works – Initial Setup!●  Named Graph Partitioning!●  Access Policy Definition! !S4AC & PRISSMA Vocabularies! 4  
  5. 5. SHI3LD Vocabularies! 5  
  6. 6. Example of Access Conditions!ASK {?resource dcterms:creator ?provider .! ARE  YOU  A  FRIEND  OF    ?provider rel:hasFriend ?consumer . }! THE  DATA  PROVIDER  ?  ASK {?resource dcterms:creator ?provider . ! ARE  YOU  A  COLLABORATOR    ?provider rel:collaboratesWith ?consumer . }! THE  DATA  PROVIDER  ?   OF  ASK {?resource dcterms:creator ?provider .! ARE  YOU  A  PARENT  OF    ?provider rel:hasParent ?consumer . }! THE  DATA  PROVIDER  ?   ASK{?resource dcterms:creator ?provider .! ARE  YOU  A  COLLEAGUE  OF     ?provider rel:hasColleague ?consumer . }! THE  DATA  PROVIDER  ?   6  
  7. 7. Example of Access Conditions!ASK {?resource dcterms:creator ?provider .! ARE  YOU  A  MEMBER  OF     ?provider sioc:member_of ?group . ! THE  SAME  GROUP  OF     ?consumer sioc:member_of ?group . }! THE  DATA  PROVIDER  ?  ASK {?consumer a foaf:Person .! ARE  YOU  JOHN  ?   ! FILTER(?consumer = <http://example#John>) }! IF  SO  ASK {?consumer a foaf:Person .! ARE  YOU  JOHN  ?   ! FILTER(!(?consumer = <http://example#John>)) }! IF  SO   DO  YOU  GET  A  NUMBER    ASK { FILTER(rand()>0.5) }! BIGGER  THAN  0.5  ?   7  
  8. 8. Example of Access Conditions!ASK {?context a prissma:Context;! prissma:environment ?env.! ?env tl:start "2012-10-26T12:00:00Z"^^xsd:dateTime;! ! tl:duration "PT5H"^^xsd:duration.! ! ?env prissma:currentPOI ?poi.! ! ?poi prissma:poiLabel http://dbpedia.org/resource/Musee_du_Louvre. !}! ARE  YOU  LOCATED  IN  THE  LOUVRE  MUSEUM    ASK {?context a prissma:Context; ! AND  IS  IT  OCTOBER  26 ,  2012  AFTER  12  a.m.?   TH ! prissma:device ?dev;! ! prissma:user ?consumer;! prissma:environment ?env.! ?consumer a foaf:Person;! rel:employedBy <http://example#Bob>.! ?env prissma:currentPOI ?poi.! ! ?poi prissma:poiLabel <http://dbpedia.org/resource/Musee_du_Louvre>.! ?dev a prissma:Device;! ARE  YOU  LOCATED  IN  THE  LOUVRE  MUSEUM,     soft:deviceSoftware ?devsw.! ARE  YOU  EMPLOYED  BY  BOB,  AND  ARE  YOU     ?devsw a soft:DeviceSoftware;! USING  ANDROID?   soft:operatingSystem ?opsys.! ?opsys a soft:Operatingsystem;! common:name "Android".! 8  }!
  9. 9. Sample Access Policy! Protected named graph Conditions to verify 9  
  10. 10. How it Works!1.  Query Contextualization ! !! INSERT DATA { ! SELECT … ! GRAPH :ctx1{! [! ,! ,! ]! ,! , …! +   WHERE {…}! :ctx1! }}! 10  
  11. 11. Example of User Context!:sampleCtx a prissma:Context;! !prissma:user :sampleUsr; ! !prissma:device :sampleDev;! prissma:environment :sampleEnv.!:sampleUsr a prissma:User;! foaf:name "John Doe »;! !foaf:knows <http://example.org/people/alice/>.!:sampleDev a prissma:device;! !soft:deviceSoftware [soft:operatingSystem[common:name "Android"]].!:sampleEnv a prissma:Environment;! prissma:currentPOI [geo:lat "45.43463";! ! ! ! geo:lon "7.843435";! ! ! ! prissma:radius "500"];! tl:start "2012-10-26T12:00:00Z"^^xsd:dateTime;! 11  
  12. 12. How it Works!2.  Access Policy Evaluation! ASK {?context ! a prissma:Context; ! prissma:environment ?env.! ?env prissma:currentPOI ?poi. ! ?poi prissma:radius "500";! foaf:based_near ?p. ! =   "false"   ?p geo:lat "43.615811";! geo:long "7.068532".} ! BINDINGS ?context {(:ctx1)}! 12  
  13. 13. How it Works!3.  Query Execution on ! accessible Named Graphs! :ng1 ! :ng2 ! SELECT … ! :ng3 ! WHERE {…}! SELECT …! FROM :ng2,:ng3! WHERE {…}! 13  
  14. 14. Response Time Evaluation!RDF  store  and  SPARQL  1.1.  engine:  Corese-­‐KGRAM  with  Berlin  SPARQL  Benchmark  Dataset  3.1  • Dataset size still predominant!• Small fraction granted!  Faster!• More context updates, ! More consumers!  Slower! 14  
  15. 15. Future Work! Privacy! Context data User-centered trustworthiness! evaluation!Luca  Costabello  |  Serena  Villata    |  Fabien  Gandon  @lukostaz ! ! @serena_villata @fabien_gandon!tinyurl.com/shi3ld

×