한국정보과학회논문지:데이타베이스 (Journal of KIISE:Databases)

한국정보과학회 (Korean Institute of Information Scientists and Engineers)
권호 표지

포함관계 추론에서 접근 권한에 대한 효율적 RDF 질의 유효성 검증

An Efficient RDF Query Validation for Access Authorization in Subsumption Inference

  • 김재훈 (서일대학 정보통신과) ;
  • 박석 (서강대학교 컴퓨터공학과)
  • 발행 : 2009.12.15
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

시맨틱 웹을 위한 하나의 보안연구로, 본 논문에서는, 온톨로지 계층 구조와 RDF 트리플 패턴에 기반한 RDF 접근 권한 명세 모델을 소개한다. 또한 권한 명세 모델을 승인된 접근 권한들에 대한 RDF 질의 유효성 검증 과정에 적용한다. RDF 트리플 패턴을 가지는 대표적 RDF 질의 언어인 SPARQL 또는 RQL 질의는 RDF 트리플 패턴 형식으로 명세된 접근 권한에 따라 실행 거부되거나 인가될 수 있다. 이러한 질의 유효성 검증 과정을 효율적으로 수행하기 위하여 RDF 포함 관계 추론에서의 주요한 권한 충돌 조건들을 분석한다. 다음으로 분석된 충돌조건과 Dewey 그래프 레이블링 기술을 활용하는 효율적 질의 유효성 검증 알고리즘을 제시한다. 실험을 통하여 제시된 검증 알고리즘이 합리적인 유효성 검증 시간과, 데이터와 접근권한들이 증가할 때 확장성을 가짐을 보인다.

As an effort to secure Semantic Web, in this paper, we introduce an RDF access authorization model based on an ontology hierarchy and an RDF triple pattern. In addition, we apply the authorization model to RDF query validation for approved access authorizations. A subscribed SPARQL or RQL query, which has RDF triple patterns, can be denied or granted according to the corresponding access authorizations which have an RDF triple pattern. In order to efficiently perform the query validation process, we first analyze some primary authorization conflict conditions under RDF subsumption inference, and then we introduce an efficient query validation algorithm using the conflict conditions and Dewey graph labeling technique. Through experiments, we also show that the proposed validation algorithm provides a reasonable validation time and when data and authorizations increase it has scalability.

키워드

참고문헌

  1. W3C Semantic Web Activity, http://www.w3.org/2001/sw/
  2. J. Kim, S. Park, 'Analysis of Access Authorization Conflict for Partial Information Hiding of RDF Web Document,' Journal of KIISC, vol.18, no.2, pp.49-63, April 2008. (in Korean)
  3. J. Kim, S. Park, 'Efficient Authorization Conflict Detection Using Prime Number Graph Labeling in RDF Access Control,' Journal of KIISE : Databases, vol.35, no.2, pp.112-124, April 2003. (in Korean)
  4. A. Jain, C, Farkas, 'Secure resource description framework: an access control model,' Proc. of 11th ACM Symposium on Access Control Models and Technologies, 2006, pp.121-129 https://doi.org/10.1145/1133058.1133076
  5. L. Qin, V. Atluri, 'Concept-level Access Control for the Semantic Web,' Proc. of ACM Workshop on XML Security, 2003, pp.94-103 https://doi.org/10.1145/968559.968575
  6. D. Jeong, Y. jing, D, Baik, 'A Three-Layered Ontology View Security Model for Access Control of RDF Ontology,' Journal of KIISE : Databases, vol.35, no.1, pp.29-43, Feb. 2008. (in Korean)
  7. T. Finin, A. Joshi, L. Kagal, J. Niu, R. Sandhu, W. Sinsborough, B. Thuraisingham, 'ROWLBAC - representing role based access control in OWL,' Proc. of SACMAT 2008, pp.73-82 https://doi.org/10.1145/1377836.1377849
  8. J. Lee, K. Whang, W. Han, I. Song, 'The Dynamic Predicate: Integrating Access Control with Query Processing in XML Databases,' VLDB Journal, vol.16, no.3, pp,371-387, July 2007 https://doi.org/10.1007/s00778-006-0037-7
  9. V. Gaede, O. Gunther, 'Multidimensional access methods,' ACM Comput. Surv., vol.30, pp.170-231, 1998 https://doi.org/10.1145/280277.280279
  10. J. Kim, S. Park, 'A Circle Labeling Scheme without Re-labeling for Dynamically Updatable XML Data,' Journal of KIISE : Databases, vol.36, no.2, pp.29-43, April 2009. (in Korean)
  11. C, Byun, S. Park, 'An Efficient Query-based XIVIL Access Control Enforcement Mechanism,' Journal of KIISE : Databases, vol.34, no.I, pp.I-17, Feb, 2007. (in Korean)
  12. RDF Semantics, W3C Recommendation, http://www.w3.org/TR/rdf-mt/
  13. G, Karvounarakis, S. Alexaki, M, Scholl, V. Christophides, D. Plexousakis, 'RQL: a declarative query language for RDF,' Proc. of WWW 2002, pp.592-603 https://doi.org/10.1145/511446.511524
  14. SPARQL Query Language for RDF, W3C Recommendation, http://www.w3,org/TR/rdf-sparql-query/
  15. T. Furche, B. Linse, F. Bry, D. Plexousakis, G, Gottlob, 'RDF querying: language constructs and evaluation methods compared,' Proc. of Reasoning Web 2006, pp.1-52
  16. V, Christophides, G. Karvounarakis, D. Plexousakis, M. Scholl, S. Tourtounis, 'Optimizing taxonomic semantic web queries using labeling schemes,' Journal of Web Semantics, 11(1) (2003) 207-228 https://doi.org/10.1016/j.websem.2003.11.001