Access Control for the Linked Data

This work contributes to the emerging trend of building the Future Internet, with particular interest in advantages of transition from the Web of Documents to the Web of Data. Linked Data concept deals with general principles on how to connect data that is distributed and publicly available across the Web. As data is exposed to public consumption, the question of access control and privacy protection founds important place. We deem that privacy of data is protected if a creator of data is always granted permission to access his own data and, moreover, he can control access to his data. We introduce a calculus for modeling networks of linked data with encoded privacy preferences. A network is a parallel composition of users, where each user is named and consists of data and a process. Data is a parallel composition of name triples. Privacy protection policies are represented as queries, and each name and each triple of names are associated with their privacy protection policies. A user is granted permission to access a data triple if the user's data satisfies the query assigned to that triple. This type system ensures that static type-checking prevents privacy violations. We prove that any well-typed network is well behaved, where a network is well behaved if - access to a triple is more restrictive than access to its components and less restrictive than access to the user name it is enclosed with, - each user can completely access his own data, - a user can update or partly delete data that he owns (i.e. he can access each triple), and - a user can update privacy preference policy of data of another profile that he owns or write data to another profile only if the newly obtained profile stays fully accessible to its owner. What distinguishes this work from others analysing variety of security properties is the fact that it does not feature any additional mean for privacy control beside those that are already present in the syntax of the calculus, i.e. privacy policies are expressed as queries and policy satisfaction comes to query satisfaction with users profiles in RDF format.