Thanks Ivan, I will check to link you sent me, that would work for the medical information case. As for the papers scenario, we would have to build a query build on top of Virtuoso.
Cheers, Leyla On Mon, Feb 7, 2011 at 4:16 PM, Ivan Mikhailov <imikhai...@openlinksw.com>wrote: > Hello Leyla, > > Virtuoso supports graph-level security, as described in > http://docs.openlinksw.com/virtuoso/rdfgraphsecurity.html > but not subject-level or predicate-level, so if the application should > keep some properties private it should keep their triples in an isolated > private graph. > > If a user has read access to some data it has full read access. Virtuoso > does not have a "filter-only" access permission. What can be used in > search criteria can also be returned. The possible workaround for paper > could be exposing only abstracts, but it would be better to make a query > builder that would not be able to return "hidden" data. > > Best Regards, > > Ivan Mikhailov > OpenLink Software > http://virtuoso.openlinksw.com > > On Sun, 2011-02-06 at 18:14 +0000, Leyla Jael García Castro wrote: > > Hello All, > > > > We have some RDF files modeling medical information including desease, > > treatment, patient name, gender, age, etc. Information related to > > deseases and treatments are public while names and so other are > > private and should be visible only to authorized users. > > Both public and private information could be used in SPARQL queries, > > but actually retrieving the private fields should be restricted. How > > can this security issue taken into account in Virtuoso? > > > > Another example is related to publications. Only subscribers should be > > able to actually retrieve the text of a publication; however everyone > > should be able to use those fields for querying and filter. For > > instance, retrieving authors for all those papers with "term X" in the > > "introduction" section should be possible for everyone whilst > > retrieving the corresponding text for the "introduction" section > > should be only available to subscribers. How can I achieve that with > > Virtuoso? or SPARQL? > > > > I appreciate any help in this regard, > > > > LJ > > >
