PUBLICATION
SBAC: A Shape-based Access Control Model for Knowledge Graphs
Type
Conference Paper
Year
2026
Authors
Christoph Göpfert M.Sc.
Jan Haas M.Sc.
Prof. Dr.-Ing. Martin Gaedke
Research Area
Event
26th International Conference of Web Engineering
Published in
26th International Conference on Web Engineering, Lyon, France
ISBN/ISSN
tba
Download
TBA
Abstract
Access control for knowledge graphs is commonly implemented at dataset, graph, or triple granularity, or via query-time filtering and rewriting. The number of required access control rules increases with the granularity of the access control model, thereby increasing the administrative burden. Current approaches suffer from a linear increase in the number of rules with increasing granularity, as well as from the inability to express policies at intermediate granularity levels. This paper introduces a novel access control model, the Shape-Based Access Control (SBAC) model, targeting an intermediate granularity level. In this model, access is granted over declarative shapes that define the parts of the graph that can be accessed. SBAC derives the corresponding subgraph for each shape that a user has access to. By merging these subgraphs, we obtain the graph of accessible shapes, against which queries are executed. Before executing a query, an authorization policy checks whether the query can be answered safely using this graph. If it cannot, the query is rejected. We evaluate the effectiveness of SBAC and its impact on query performance in a university setting using the LUBM benchmark.
Reference
TBA
