Awesome

Shi3ld for HTTP operations

Shi3ld for HTTP is an access control module for enforcing authorization on triple stores. Shi3ld for HTTP protects HTTP operations on Linked Data and relies on attribute-based access policies.

Features

• Authorization for r/w HTTP Methods on RDF resources
• RDF Resource-oriented
• Policy Language in RDF/SPARQL or RDF only
• Attribute-based
• "Context-aware" Policies

The policy vocabularies namespace documents are available at:

• S4AC - for modelling Access Policies.
• PRISSMA - for modelling context client attributes.

Scenarios

Shi3ld for HTTP supports three different scenarios and are available in this repository branches:

• Shi3ld for SPARQL Graph Store Protocol
• Shi3ld for Linked Data Platform (SPARQL-based)
• Shi3ld for Linked Data Platform (SPARQL-less)

Scenarios are detailed in our paper Access Control for HTTP Operations on Linked Data

Installation

All Shi3ld scenarios are Java server side modules that run in a java application server (e.g. Tomcat)

The config.properties property file needs to be customized with the policy storage path and the triple storage path.

The Shi3ld-GSP scenario is compatible with the GSP-compliant Fuseki SPARQL engine needs the Fuseki server URL and the Fuseki dataset name.

The Shi3ld-LDP scenarios embed the Corese/KGRAM RDF store and SPARQL processor.

Testing

Shi3ld-HTTP can be tested with a standalone client shipped with sample client attributes.

Sample Access Policies can be found here.