Abstract

In this paper we propose an access control model for the Resource Description Framework (RDF). We argue that existing access control models, like the ones developed for securing eXtensible Markup Language (XML) documents, do not provide sufficient protection for RDF data. Our security model incorporates RDF and RDF Schema (RDFS) entailments. RDF protection objects are represented as RDF-patterns that are mapped to RDF and RDFS statements to determine their security requirements. We develop methods to assign security classification to entailed statements and to detect unauthorized inferences. We propose a two-level conflict resolution strategy. Simple conflict resolution addresses the problem when more than one pattern can be mapped to the same RDF statement, resulting in conflicting classification. Inference conflict resolution addresses inconsistencies that occur due to entailment.