Secured dynamic graphs #2095

uahic · 2023-11-16T14:32:26Z

uahic
Nov 16, 2023

Hi there,

I'd like to ask if Jena supports applying a custom "graph evaluator" onto dynamically generated graphs (or datasets if you want to use that term)? From what I've seen by crawling examples and code you somehow need to define configuration ttl files which are then parsed and have that only available for static settings

Thank you in advance for your help :)

Answered by rvesse

Nov 17, 2023

There's a couple of things that may meet your requirements (though you've been very vague in your question).

Firstly in core Jena there's the Jena Permissions framework which provides wrappers around the normal Jena APIs e.g. Model, Graph, Dataset etc that can be used to apply custom security evaluators to access to the underlying graphs. These can be specified via Jena's Assembler configuration methodology (the TTL files you mention) but could equally be done programmatically. This methodology can be as dynamic as your SecurityEvaluator implementation.

Secondly, and not in Jena itself, but rather built using it, is rdf-abac where access to triples/quads is controlled by separately stored…

View full answer

rvesse · 2023-11-17T10:00:15Z

rvesse
Nov 17, 2023
Collaborator

There's a couple of things that may meet your requirements (though you've been very vague in your question).

Firstly in core Jena there's the Jena Permissions framework which provides wrappers around the normal Jena APIs e.g. Model, Graph, Dataset etc that can be used to apply custom security evaluators to access to the underlying graphs. These can be specified via Jena's Assembler configuration methodology (the TTL files you mention) but could equally be done programmatically. This methodology can be as dynamic as your SecurityEvaluator implementation.

Secondly, and not in Jena itself, but rather built using it, is rdf-abac where access to triples/quads is controlled by separately stored label expressions that are evaluated at data access time to decide what a given user can/can't see. Again the easiest way to configure this is to use Jena Assembler (again TTL files) but you can programmatically configure it as well. This method would be dynamic in the sense that the labels applied to triples/quads can be updated independently of the data, and the users attributes can be updated over time so as those two things change the view of the data a given user sees changes.

Disclaimer: That repository is a point in time code drop of functionality @afs has developed for the $dayjob where he and I both work that was released to meet contractual obligations. That codebase continues to involve internally (and has changed a lot from that code drop), this may/may not become actual open source at some point in the future but I can't give you any indication as to whether that will happen, nor when, as that's ultimately a business decisions for our employer.

1 reply

uahic Nov 20, 2023
Author

thank you, that helps a lot :)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Secured dynamic graphs #2095

{{title}}

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

Secured dynamic graphs #2095

uahic Nov 16, 2023

Replies: 1 comment · 1 reply

rvesse Nov 17, 2023 Collaborator

uahic Nov 20, 2023 Author

uahic
Nov 16, 2023

Replies: 1 comment 1 reply

rvesse
Nov 17, 2023
Collaborator

uahic Nov 20, 2023
Author