Secure Manipulation of Linked Data Sabrina Kirrane 1,2 , Ahmed Abdelrahman 1 , Alessandra Mileo 1 , and Stefan Decker 1 1 Digital Enterprise Research Institute National University of Ireland, Galway {firstname.lastname}@deri.ie http://www.deri.ie 2 Storm Technology, Ireland http://www.storm.ie Abstract. When it comes to publishing data on the web, the level of access control required (if any) is highly dependent on the type of content exposed. Up until now RDF data publishers have focused on exposing and linking public data. With the advent of SPARQL 1.1, the linked data infrastructure can be used, not only as a means of publishing open data but also, as a general mechanism for managing distributed graph data. However, such a decentralised architecture brings with it a number of additional challenges with respect to both data security and integrity. In this paper, we propose a general authorisation framework that can be used to deliver dynamic query results based on user credentials and to cater for the secure manipulation of linked data. Specifically we describe how graph patterns, propagation rules, conflict resolution policies and in- tegrity constraints can together be used to specify and enforce consistent access control policies. 1 Introduction In the early days, the Web was primarily used as a medium for sharing and linking static information. However it wasn’t until challenges with respect to data confidentiality, authenticity and integrity were addressed that electronic business became common place. It is not surprising that the Semantic Web is following a similar evolution. With the advent of SPARQL 1.1, an update language for RDF graphs, it is possible for the Semantic Web to evolve from a medium for publishing and linking data to a dynamic read/write distributed data source, that can support the next generation of electronic business applications. However, in order to make the move from simply exposing to maintaining linked data we must first provide solutions for data security and integrity. To date researchers have focused primarily on the specification of access con- trol policies for RDF stores based on RDF patterns [13, 8, 4, 1, 6] or the spec- ification and enforcement of access control ontologies over linked data [3, 14]. Although some of these authors touch upon reasoning over access control poli- cies, they do not propose a general authorisation framework which can support H. Alani et al. (Eds.): ISWC 2013, Part I, LNCS 8218, pp. 248–263, 2013. c  Springer-Verlag Berlin Heidelberg 2013