W3C home > Mailing lists > Public > semantic-web@w3.org > September 2008

Re: SPARQL Security - Best Practices?

From: Richard Newman <rnewman@twinql.com>
Date: Tue, 2 Sep 2008 16:06:41 -0700
Cc: Semantic Web at W3C <semantic-web@w3.org>
Message-Id: <B443CA9A-55C9-46D5-A3E7-83B1883851E3@twinql.com>
To: Damian Steer <pldms@mac.com>

>> A couple of years ago I was working on a system that very heavily  
>> used very complex access control. My ultimate conclusion was that  
>> standard SPARQL was not very well suited to this kind of thing.  
>> That's an interesting conclusion for a SPARQL implementor to draw,  
>> but there you are :)
>
> Are any query languages suited to this?

Probably not! I expect that any language sufficiently powerful would  
either be a full-fledged programming language (cf. Prolog, which is  
one of the query interfaces AllegroGraph supports, and which could  
implement this sort of thing), or be too closely tied to an  
implementation to be standardized.

SPARQL is interesting here because features like datasets, GRAPH, etc.  
conspire to *appear* like the components one would need to build a  
graph-based in-query access control system, when in fact they are  
insufficient. I've had a number of people ask about it, and discussion  
of the pros and cons can become involved, particularly for people who  
are "just users".

Access control might be one of those things that is best left up to  
the implementation.
Received on Tuesday, 2 September 2008 23:07:16 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 21:45:25 GMT