A Three-Layered Ontology View Security Model for Access Control of RDF Ontology

  • Published : 2008.02.15

Abstract

Although RDF ontologies can be expressed in the XML tree model, existing methods for protecting XML documents are not suitable for securing RDF ontologies. The graph structure and inference features of RDF demand the development of a new security model. Driven by this goal, this paper proposes a new query-oriented model for RDF ontology access control. The proposed model rewrites a user query using a three-layered ontology view. This resolves the problem that existing approaches must generate inference models according to inference rules. The ontology concepts and instances that a user can visit are defined as ontology views, and an inference view, defined for controlling inference queries, gives the user a controlled inference capability. This paper defines the three-layered view and describes algorithms for rewriting queries according to the views. An implemented prototype and its system architecture are shown. Finally, the results of an experiment and a comparative evaluation of the proposal and the previous approach are described.
