Access Control for HTTP Operations on Linked Data
Luca Costabello
Serena Villata
Oscar Rodriguez Rocha
Fabien Gandon
Outline
●  Introduction
●  Shi3ld Authorization Procedure
●  Shi3ld for HTTP: Scenarios
●  Response Time Evaluation
●  Future Work
Accessing Linked Data
●  HTTP URIs dereferencing
●  SPARQL queries
●  RDFa, search engines APIs

HTTP URIs dereferencing:
    GET /data/resource HTTP/1.1
    Host: example.org
    ...
Our Problem
How to design an authorization framework for HTTP interaction with Linked Data?

    GET /data/resource HTTP/1.1
    Host: example.org
    Authorization: ...
Access Control for Triple Stores
[Comparison table. Criteria: HTTP Interaction; Attribute-Based AC Model; Policies in RDF/SPARQL; Resource-level Granularity; Context Awareness. Approaches compared: Shi3ld-SPARQL [2012]; WAC [2007]; Proteus [2006]; Abel et al. [2007]; Finin et al. [2008]; Flouris et al. [2010]; PPO [2011].]
Our Proposal: Adapting Shi3ld-SPARQL to HTTP

Shi3ld-SPARQL:
    SELECT …
    WHERE {…}

HTTP:
    GET /data/resource HTTP/1.1
    Host: example.org
    Authorization: ...
Shi3ld Access Policy
[Diagram: an AccessPolicy appliesTo a resource, hasAccessPrivilege an AccessPrivilege and hasAccessConditionSet an AccessConditionSet. An AccessConditionSet hasAccessCondition an AccessCondition. An AccessCondition hasContext a Context, which has a user (User), a device (Device) and an environment (Environment).]

Two "Styles" for Access Conditions
●  SPARQL-based
●  SPARQL-less
Sample Access Policy (SPARQL-based)

    :policy1 a s4ac:AccessPolicy;
        s4ac:appliesTo :resource;
        s4ac:hasAccessPrivilege s4ac:Read;
        s4ac:hasAccessConditionSet :acs1.

    :acs1 a s4ac:AccessConditionSet;
        s4ac:hasAccessCondition :ac1.

    :ac1 a s4ac:AccessCondition;
        s4ac:hasQueryAsk
        """ASK
        {?ctx a prissma:Context;
              prissma:environment ?env;
              prissma:user <http://example.org/john.rdf#me>.
         ?env prissma:currentPOI ?poi.
         ?poi prissma:based_near ?p.
         ?p geo:lat ?lat;geo:lon ?lon.
         FILTER(((?lat-45.8483) > 0 && (?lat-45.8483) < 0.5
         || (?lat-45.8483) < 0 && (?lat-45.8483) > -0.5)
         && ((?lon-7.3263) > 0 && (?lon-7.3263) < 0.5
         || (?lon-7.3263) < 0 && (?lon-7.3263) > -0.5 ))}""".

Protected resource: :resource
Access Condition to be verified:
«User must be John and request must come from a specific location»
Sample Access Policy (SPARQL-less)

    :policy1 a s4ac:AccessPolicy;
        s4ac:appliesTo :resource;
        s4ac:hasAccessPrivilege s4ac:Read;
        s4ac:hasAccessConditionSet :acs1.

    :acs1 a s4ac:AccessConditionSet;
        s4ac:hasAccessCondition :ac1.

    :ac1 a s4ac:AccessCondition;
        s4ac:hasContext :ctx1.

    :ctx1 a prissma:Context;
        prissma:user <http://example.org/john.rdf#me>;
        prissma:environment :env1.

    :env1 a prissma:Environment;
        prissma:nearbyEntity <http://alice.org#me>.

Protected resource: :resource
Access Condition to be verified:
«User must be John and Alice must be nearby»
Authorization Procedure
1. Adding Client Attributes to HTTP operation
2. Access Conditions Execution
3. HTTP Response Construction

Authorization Procedure
Step 1. Adding Client Attributes to HTTP operation

    GET /data/resource HTTP/1.1
    Host: example.org
    Authorization: Shi3ld <...>

[Figure: the client attributes carried by the request, a Context made of user, device and environment. Nodes: :ctx_AC1, :env_AC1, <http://carl-johnson.org#me>, <http://alice.org#me>, "male". Edges: p:user, p:environment, p:nearbyEntity (twice), foaf:gender.]
Authorization Procedure (SPARQL-based)
Step 2. Access Conditions Execution

    GET /data/resource HTTP/1.1
    Host: example.org
    Authorization: Shi3ld <...>

    ASK {?context
           a prissma:Context;
           prissma:user ex:john.}
    VALUES (?context) {(:client_attributes)}

    = "false"
Authorization Procedure (SPARQL-less)
Step 2. Access Conditions Execution

    GET /data/resource HTTP/1.1
    Host: example.org
    Authorization: Shi3ld <...>

Access condition context:
    :context a prissma:Context;
        prissma:user ex:john.

[Figure: the client attributes graph. Nodes: :ctx_AC1, :env_AC1, <http://carl-johnson.org#me>, <http://alice.org#me>, "male". Edges: p:user, p:environment, p:nearbyEntity (twice), foaf:gender.]

Result: "no match"
Authorization Procedure
Step 3. HTTP Response Construction

    :resource
    401 Unauthorized
HTTP Operations on Linked Data: Our Scenarios
●  SPARQL 1.1 Graph Store Protocol (GSP)

    GET /rdf-graph-store?graph=... HTTP/1.1
    Host: example.com
    Accept: text/turtle; charset=utf-8

    CONSTRUCT { ?s ?p ?o }
    WHERE { GRAPH <...>
    { ?s ?p ?o } }

●  W3C Linked Data Platform (LDP) 1.0
   Best practices for a read-write HTTP-based Linked Data architecture.
HTTP Operations on Linked Data: Our Scenarios
●  SPARQL 1.1 Graph Store Protocol (GSP)
   Shi3ld-GSP
●  W3C Linked Data Platform (LDP) 1.0
   Shi3ld-LDP
   •  SPARQL-based
   •  SPARQL-less
Shi3ld-GSP
[Sequence diagram. Participants: Client, Shi3ld-GSP, SPARQL 1.1 GSP Triple Store. Client to Shi3ld-GSP: HTTP. Shi3ld-GSP to Triple Store: HTTP/SPARQL.]

Client request:
    GET /data/resource HTTP/1.1
    Host: example.org
    Authorization: Shi3ld:base64(attributes)

1. Adding Client Attributes
    INSERT/DATA(attributes)
2. AC Execution
    SELECT(Access Policies)
    ASK (AC1)
    ...
    ASK (ACn)
3. HTTP Response Construction
    GET /data/resource HTTP/1.1
    Host: example.org
    200 OK
Shi3ld-LDP (SPARQL-based)
[Sequence diagram. Participants: Client, Shi3ld Frontend, Internal Triple Store and Internal SPARQL Engine (inside Shi3ld-LDP), LDP Server, File System/Triple Store. Client to Shi3ld Frontend: HTTP. Inside Shi3ld-LDP: Shi3ld Internal.]

Client request:
    GET /data/resource HTTP/1.1
    Host: example.org
    Authorization: Shi3ld:base64(attributes)

1. Adding Client Attributes
    INSERT/DATA(attributes)
2. AC Execution
    SELECT(Access Policies)
    ASK (AC1)
    ...
    ASK (ACn)
3. HTTP Response Construction
    getData()
    200 OK
Shi3ld-LDP (SPARQL-less)
[Sequence diagram. Participants: Client, Shi3ld Frontend, Subgraph matcher (inside Shi3ld-LDP), LDP Server, File System/Triple Store. Client to Shi3ld Frontend: HTTP. Inside Shi3ld-LDP: Shi3ld Internal.]

Client request:
    GET /data/resource HTTP/1.1
    Host: example.org
    Authorization: Shi3ld:base64(attributes)

1. Adding Client Attributes
    Save attributes
2. AC Execution
    Get Access Policies
    attributes.contains(AC1)
    ...
    attributes.contains(ACn)
3. HTTP Response Construction
    getData()
    200 OK
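
The three-step procedure in its SPARQL-less form, as an added example that is not code from the slides or from the Shi3ld project: a front end decodes the client attributes from the `Authorization: Shi3ld:base64(attributes)` header, runs each access condition as a subgraph match, and answers 200 or 401. The JSON encoding of the attribute triples, the `?`-prefixed pattern variables standing in for `:ctx1`/`:env1`, the requirement that every condition in a set holds, the method-to-privilege mapping, the default deny and all function names are assumptions of this sketch.

```python
import base64
import json

SCHEME = "Shi3ld:"   # header form on the slides: Shi3ld:base64(attributes)
MAX_HEADER = 8192    # assumed cap on the header value, in characters
JOHN = "http://example.org/john.rdf#me"
ALICE = "http://alice.org#me"

# Constructed policy store mirroring the SPARQL-less sample policy:
# resource -> privilege -> access conditions; "?" terms are pattern variables.
POLICIES = {
    "/data/resource": {"Read": [[
        ("?ctx", "rdf:type", "prissma:Context"),
        ("?ctx", "prissma:user", JOHN),
        ("?ctx", "prissma:environment", "?env"),
        ("?env", "rdf:type", "prissma:Environment"),
        ("?env", "prissma:nearbyEntity", ALICE),
    ]]},
}
PRIVILEGE_FOR_METHOD = {"GET": "Read", "HEAD": "Read"}  # assumed mapping


def encode_attributes(triples):
    """Client side: serialise attribute triples into the header value."""
    payload = json.dumps([list(t) for t in triples]).encode("utf-8")
    return SCHEME + base64.b64encode(payload).decode("ascii")


def decode_attributes(header_value):
    """Step 1: recover the client attribute triples from the header."""
    if not header_value or not header_value.startswith(SCHEME):
        raise ValueError("missing or non-Shi3ld Authorization header")
    if len(header_value) > MAX_HEADER:
        raise ValueError("attributes too large")
    try:
        raw = base64.b64decode(header_value[len(SCHEME):], validate=True)
        triples = json.loads(raw.decode("utf-8"))
    except (ValueError, RecursionError) as exc:
        raise ValueError("malformed attributes") from exc
    if not isinstance(triples, list):
        raise ValueError("attributes must be a list of triples")
    graph = set()
    for t in triples:
        if not (isinstance(t, list) and len(t) == 3
                and all(isinstance(x, str) for x in t)):
            raise ValueError("each attribute must be a [s, p, o] string triple")
        graph.add(tuple(t))
    return graph


def _unify(pattern_term, graph_term, binding):
    """Bind a variable or compare a constant; mutates `binding`."""
    if pattern_term.startswith("?"):
        return binding.setdefault(pattern_term, graph_term) == graph_term
    return pattern_term == graph_term


def contains(graph, pattern, binding=None):
    """Step 2: True if `pattern` matches a subgraph of `graph` (backtracking)."""
    if not pattern:
        return True
    head, rest = pattern[0], pattern[1:]
    for triple in graph:
        candidate = dict(binding or {})
        if (all(_unify(p, g, candidate) for p, g in zip(head, triple))
                and contains(graph, rest, candidate)):
            return True
    return False


def authorize(method, path, authorization):
    """Steps 1-3 for one HTTP operation; returns (status, reason)."""
    denied = (401, "Unauthorized")
    conditions = POLICIES.get(path, {}).get(PRIVILEGE_FOR_METHOD.get(method))
    if not conditions:
        return denied  # no applicable policy or empty set: deny (assumption)
    try:
        # The attributes are client-asserted; nothing here verifies them.
        attributes = decode_attributes(authorization)
    except ValueError:
        return denied
    if all(contains(attributes, ac) for ac in conditions):
        return 200, "OK"  # step 3: the LDP server would now call getData()
    return denied


def context(user, nearby):
    """Constructed client attributes shaped like the slides' :ctx_AC1 graph."""
    return [
        (":ctx_AC1", "rdf:type", "prissma:Context"),
        (":ctx_AC1", "prissma:user", user),
        (":ctx_AC1", "prissma:environment", ":env_AC1"),
        (":env_AC1", "rdf:type", "prissma:Environment"),
        (":env_AC1", "prissma:nearbyEntity", nearby),
    ]


if __name__ == "__main__":
    for user in (JOHN, "http://carl-johnson.org#me"):
        header = encode_attributes(context(user, ALICE))
        print(user, authorize("GET", "/data/resource", header))
```

Because the variable bindings are shared across the whole pattern, a request in which Alice is near some other environment than the user's own does not satisfy the condition.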
  
Response Time Evaluation
●  Response time linear w/ AC #
●  SPARQL-less: 25% faster
●  Empty RDF Store: only 14% faster
●  AC complexity does not affect response time
●  Response time independent from HTTP method
Future Work
●  Client Attributes Trustworthiness
●  Client Attributes Caching
●  Admin UI

bit.ly/shi3ld-http
Luca Costabello @lukostaz
Serena Villata @serena_villata
Oscar Rodriguez-Rocha @orocha
Fabien Gandon @fabien_gandon

Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 

Recently uploaded (20)

Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 

Access Control for HTTP Operations on Linked Data

  • 1. Access Control for HTTP Operations on Linked Data. Luca Costabello, Serena Villata, Oscar Rodriguez Rocha, Fabien Gandon
  • 2. Outline
      ● Introduction
      ● Shi3ld Authorization Procedure
      ● Shi3ld for HTTP: Scenarios
      ● Response Time Evaluation
      ● Future Work
  • 3. Outline
      ● Introduction
      ● Shi3ld Authorization Procedure
      ● Shi3ld for HTTP: Scenarios
      ● Response Time Evaluation
      ● Future Work
  • 4. Accessing Linked Data
      ● HTTP URIs dereferencing
      ● SPARQL queries
      ● RDFa, search engines APIs
  • 5. Accessing Linked Data
      ● HTTP URIs dereferencing
      ● SPARQL queries
      ● RDFa, search engines APIs
      GET /data/resource HTTP/1.1
      Host: example.org
      ...
  • 6. Our Problem: How to design an authorization framework for HTTP interaction with Linked Data?
      GET /data/resource HTTP/1.1
      Host: example.org
      Authorization: ...
  • 7. Access Control for Triple Stores
      HTTP Interaction | Attribute-Based AC Model | Policies in RDF/SPARQL | Resource-level Granularity | Context Awareness
      Shi3ld-SPARQL [2012], WAC [2007], Proteus [2006], Abel et al. [2007], Finin et al. [2008], Flouris et al. [2010], PPO [2011]
  • 8. Our Proposal: Adapting Shi3ld-SPARQL to HTTP
      SELECT …
      WHERE {…}
  • 9. Our Proposal: Adapting Shi3ld-SPARQL to HTTP
      GET /data/resource HTTP/1.1
      Host: example.org
      Authorization: ...
  • 10. Outline
      ● Background
      ● Shi3ld Authorization Procedure
      ● Adapting Shi3ld-SPARQL to HTTP
      ● Response Time Evaluation
      ● Future Work
  • 11. Shi3ld Access Policy
      [Diagram: classes AccessPolicy, AccessConditionSet, AccessCondition, AccessPrivilege, Context, User, Device, Environment; properties hasAccessConditionSet, hasAccessCondition, hasAccessPrivilege, hasContext, appliesTo, user, device, environment]
      Two “Styles” for Access Conditions
      ● SPARQL-based
      ● SPARQL-less
  • 12. Sample Access Policy (SPARQL-based)
      :policy1 a s4ac:AccessPolicy;
          s4ac:appliesTo :resource;
          s4ac:hasAccessPrivilege s4ac:Read;
          s4ac:hasAccessConditionSet :acs1.
      :acs1 a s4ac:AccessConditionSet;
          s4ac:hasAccessCondition :ac1.
      :ac1 a s4ac:AccessCondition;
          s4ac:hasQueryAsk
          """ASK
          {?ctx a prissma:Context;
                prissma:environment ?env;
                prissma:user <http://example.org/john.rdf#me>.
           ?env prissma:currentPOI ?poi.
           ?poi prissma:based_near ?p.
           ?p geo:lat ?lat;geo:lon ?lon.
           FILTER(((?lat-45.8483) > 0 && (?lat-45.8483) < 0.5
             || (?lat-45.8483) < 0 && (?lat-45.8483) > -0.5)
             && ((?lon-7.3263) > 0 && (?lon-7.3263) < 0.5
             || (?lon-7.3263) < 0 && (?lon-7.3263) > -0.5 ))}""".
      Protected resource
      Access Condition to be verified: «User must be John and request must come from a specific location»
  • 13. Sample Access Policy (SPARQL-less)
      :policy1 a s4ac:AccessPolicy;
          s4ac:appliesTo :resource;
          s4ac:hasAccessPrivilege s4ac:Read;
          s4ac:hasAccessConditionSet :acs1.
      :acs1 a s4ac:AccessConditionSet;
          s4ac:hasAccessCondition :ac1.
      :ac1 a s4ac:AccessCondition;
          s4ac:hasContext :ctx1.
      :ctx1 a prissma:Context;
          prissma:user <http://example.org/john.rdf#me>;
          prissma:environment :env1.
      :env1 a prissma:Environment;
          prissma:nearbyEntity <http://alice.org#me>.
      Protected resource
      Access Condition to be verified: «User must be John and Alice must be nearby»
  • 14. Authorization Procedure
      1. Adding Client Attributes to HTTP operation
      2. Access Conditions Execution
      3. HTTP Response Construction
  • 15. Authorization Procedure
      1. Adding Client Attributes to HTTP operation
      2. Access Conditions Execution
      3. HTTP Response Construction
      GET /data/resource HTTP/1.1
      Host: example.org
      Authorization: Shi3ld <...>
      [Diagram: client context graph (Context with User, Device, Environment) with nodes :ctx_AC1, :env_AC1, <http://carl-johnson.org#me>, <http://alice.org#me>; labels p:user, p:environment, p:nearbyEntity, foaf:gender "male"]
  • 16. Authorization Procedure (SPARQL-based)
      1. Adding Client Attributes to HTTP operation
      2. Access Conditions Execution
      3. HTTP Response Construction
      GET /data/resource HTTP/1.1
      Host: example.org
      Authorization: Shi3ld <...>
      ASK {?context a prissma:Context; prissma:user ex:john.}
      VALUES (?context) {(:client_attributes)}
      = "false"
  • 17. Authorization Procedure (SPARQL-less)
      1. Adding Client Attributes to HTTP operation
      2. Access Conditions Execution
      3. HTTP Response Construction
      GET /data/resource HTTP/1.1
      Host: example.org
      Authorization: Shi3ld <...>
      :context a prissma:Context;
          prissma:user ex:john.
      "no match"
      [Diagram: client context graph with nodes :ctx_AC1, :env_AC1, <http://carl-johnson.org#me>, <http://alice.org#me>; labels p:user, p:environment, p:nearbyEntity, foaf:gender "male"]
  • 18. Authorization Procedure
      1. Adding Client Attributes to HTTP operation
      2. Access Conditions Execution
      3. HTTP Response Construction
      :resource
      401 Unauthorized
  • 19. Outline
      ● Introduction
      ● Authorization Procedure
      ● Shi3ld for HTTP: Scenarios
      ● Response Time Evaluation
      ● Future Work
  • 20. HTTP Operations on Linked Data: Our Scenarios
      ● SPARQL 1.1 Graph Store Protocol (GSP)
      ● W3C Linked Data Platform (LDP) 1.0: Best practices for a read-write HTTP-based Linked Data architecture.
      GET /rdf-graph-store?graph=... HTTP/1.1
      Host: example.com
      Accept: text/turtle; charset=utf-8
      CONSTRUCT { ?s ?p ?o }
      WHERE { GRAPH <...> { ?s ?p ?o } }
  • 21. HTTP Operations on Linked Data: Our Scenarios
      ● SPARQL 1.1 Graph Store Protocol (GSP): Shi3ld-GSP
      ● W3C Linked Data Platform (LDP) 1.0: Shi3ld-LDP
          • SPARQL-based
          • SPARQL-less
  • 22. HTTP Operations on Linked Data: Our Scenarios
      ● SPARQL 1.1 Graph Store Protocol (GSP): Shi3ld-GSP
      ● W3C Linked Data Platform (LDP) 1.0: Shi3ld-LDP
          • SPARQL-based
          • SPARQL-less
  • 23. Shi3ld-GSP
      [Sequence diagram. Participants: Client, Shi3ld-GSP, SPARQL 1.1 GSP Triple Store. Channels: HTTP, HTTP/SPARQL.]
      GET /data/resource HTTP/1.1
      Host: example.org
      Authorization: Shi3ld:base64(attributes)
      INSERT/DATA(attributes)
      SELECT(Access Policies)
      ASK (AC1) ... ASK (ACn)
      GET /data/resource HTTP/1.1
      Host: example.org
      200 OK
      Steps: 1. Adding Client Attributes 2. AC Execution 3. HTTP Response Construction
  • 24. HTTP Operations on Linked Data: Our Scenarios
      ● SPARQL 1.1 Graph Store Protocol (GSP): Shi3ld-GSP
      ● W3C Linked Data Platform (LDP) 1.0: Shi3ld-LDP
          • SPARQL-based
          • SPARQL-less
  • 25. Shi3ld-LDP (SPARQL-based)
      [Sequence diagram. Labels: Client, Shi3ld Frontend, Shi3ld-LDP, Internal SPARQL Engine, Internal Triple Store, LDP Server, File System/Triple Store. Channels: HTTP, Shi3ld Internal.]
      GET /data/resource HTTP/1.1
      Host: example.org
      Authorization: Shi3ld:base64(attributes)
      INSERT/DATA(attributes)
      SELECT(Access Policies)
      ASK (AC1) ... ASK (ACn)
      getData()
      200 OK
      Steps: 1. Adding Client Attributes 2. AC Execution 3. HTTP Response Construction
  • 26. Shi3ld-LDP (SPARQL-less)
      [Sequence diagram. Labels: Client, Shi3ld Frontend, Shi3ld-LDP, Subgraph matcher, LDP Server, File System/Triple Store. Channels: HTTP, Shi3ld Internal.]
      GET /data/resource HTTP/1.1
      Host: example.org
      Authorization: Shi3ld:base64(attributes)
      Save attributes
      Get Access Policies
      attributes.contains(AC1) ... attributes.contains(ACn)
      getData()
      200 OK
      Steps: 1. Adding Client Attributes 2. AC Execution 3. HTTP Response Construction
  • 27. Outline
      ● Background
      ● Authorization Procedure
      ● Shi3ld for HTTP: Scenarios
      ● Response Time Evaluation
      ● Future Work
  • 28. Response Time Evaluation
      ● Response time linear w/ AC #
      ● SPARQL-less: 25% faster
      ● Empty RDF Store: only 14% faster
  • 29. Response Time Evaluation
      ● AC complexity does not affect response time
      ● Response time independent from HTTP method
  • 30. Outline
      ● Background
      ● Authorization Procedure
      ● Shi3ld for HTTP: Scenarios
      ● Response Time Evaluation
      ● Future Work
  • 31. Future Work
      ● Client Attributes Trustworthiness
      ● Client Attributes Caching
      ● Admin UI
      bit.ly/shi3ld-http
      Luca Costabello (@lukostaz), Serena Villata (@serena_villata), Oscar Rodriguez-Rocha (@orocha), Fabien Gandon (@fabien_gandon)
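
The SPARQL-less procedure from slides 13, 17 and 26, as an added Python example that is not code from the slides or from Shi3ld itself. Assumptions: client attributes are serialized as one `s p o .` triple per line before base64 encoding, policy-local nodes are written with a leading `?` and may bind to any client node, every condition in a set must hold, and access is denied unless a policy grants it.

```python
import base64

def parse_triples(text):
    """Parse 's p o .' lines (assumed serialization of the client attributes)."""
    rows = (line.strip().rstrip(".").split() for line in text.splitlines())
    return {tuple(r) for r in rows if len(r) == 3}

def decode_attributes(header):
    """Decode 'Shi3ld:base64(attributes)'; None if absent or malformed."""
    scheme, sep, payload = (header or "").partition(":")
    if scheme.strip() != "Shi3ld" or not sep:
        return None
    try:
        raw = base64.b64decode(payload.strip(), validate=True)
        return parse_triples(raw.decode("utf-8"))
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None

def matches(condition, attributes, binding=None):
    """True if every condition triple maps into attributes under one '?' binding."""
    if not condition:
        return True
    for fact in attributes:
        trial = dict(binding or {})
        if all(trial.setdefault(w, g) == g if w.startswith("?") else w == g
               for w, g in zip(condition[0], fact)):
            if matches(condition[1:], attributes, trial):
                return True
    return False

def authorize(resource, privilege, header, policies):
    """Return 200 if an applicable policy's condition set is satisfied, else 401."""
    attributes = decode_attributes(header)
    granted = attributes is not None and any(
        (p["appliesTo"], p["privilege"]) == (resource, privilege)
        and all(matches(ac, attributes) for ac in p["conditions"]) for p in policies)
    return 200 if granted else 401  # assumption: deny unless a policy grants access

def make_header(text):  # client side: pack attributes into the header value
    return "Shi3ld:" + base64.b64encode(text.encode("utf-8")).decode("ascii")

# Constructed sample data: the slide-13 policy (John, Alice nearby) and two client contexts.
POLICIES = [{"appliesTo": "/data/resource", "privilege": "s4ac:Read", "conditions": [[
    ("?ctx", "a", "prissma:Context"),
    ("?ctx", "prissma:user", "<http://example.org/john.rdf#me>"),
    ("?ctx", "prissma:environment", "?env"),
    ("?env", "prissma:nearbyEntity", "<http://alice.org#me>"),
]]}]
CTX = (":ctx_AC1 a prissma:Context .\n:ctx_AC1 prissma:user {user} .\n"
       ":ctx_AC1 prissma:environment :env_AC1 .\n"
       ":env_AC1 prissma:nearbyEntity <http://alice.org#me> .\n")
JOHN = make_header(CTX.format(user="<http://example.org/john.rdf#me>"))
CARL = make_header(CTX.format(user="<http://carl-johnson.org#me>"))
```

The attributes are asserted by the client, so a 200 here is only as trustworthy as the header; the deck lists client attribute trustworthiness as future work.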