Hello Leyla, Virtuoso supports graph-level security, as described in http://docs.openlinksw.com/virtuoso/rdfgraphsecurity.html but not subject-level or predicate-level, so if the application should keep some properties private it should keep their triples in an isolated private graph.
If a user has read access to some data it has full read access. Virtuoso does not have a "filter-only" access permission. What can be used in search criteria can also be returned. The possible workaround for paper could be exposing only abstracts, but it would be better to make a query builder that would not be able to return "hidden" data. Best Regards, Ivan Mikhailov OpenLink Software http://virtuoso.openlinksw.com On Sun, 2011-02-06 at 18:14 +0000, Leyla Jael García Castro wrote: > Hello All, > > We have some RDF files modeling medical information including desease, > treatment, patient name, gender, age, etc. Information related to > deseases and treatments are public while names and so other are > private and should be visible only to authorized users. > Both public and private information could be used in SPARQL queries, > but actually retrieving the private fields should be restricted. How > can this security issue taken into account in Virtuoso? > > Another example is related to publications. Only subscribers should be > able to actually retrieve the text of a publication; however everyone > should be able to use those fields for querying and filter. For > instance, retrieving authors for all those papers with "term X" in the > "introduction" section should be possible for everyone whilst > retrieving the corresponding text for the "introduction" section > should be only available to subscribers. How can I achieve that with > Virtuoso? or SPARQL? > > I appreciate any help in this regard, > > LJ
