Hi, I've been using Jena APIs for some time now, and I have a query regarding Jena Models, and their possible purpose as a mechanism for providing separation in our User profiles store.
Currently, our implementation, which holds non-real date, uses mySql to persist Jena Models, which are updated via RESTful web services. There is a Joseki SPARQL endpoint linked with this mySql database. The RDF triples in the data store are about all of our users (hypothetically). The Jena model, I have called "UserProfiles". This, clearly is not satisfactory. The SPARQL endpoint does not require authentication, OAuth etc.. and even if it did, it provides access to all the data in the RDF store. No privacy concerns at all! I have been thinking about various ways we might want to implement our privacy. Firstly, related to Jena: - What would be the benefits of giving every user in our system a Jena Model. Rather than one model: "UserProfiles", we might use "JoeBloggs123" --> I might see how we'd then implement RESTful queries so that it only mutates one Jena Model, of the many that exist --> It is far less clear how we would restrict SPARQL queries to just one Jena Model. My suspicion is that this would not be possible. -------- So my other alternatives to using Jena Models, would be to have another look at how one could apply security controls and priacy mechanisms on RDF stores. And how one would make those policies applicable to both SPARQL queries and RESTful web services. - Is there de-facto way of handling privacy and security on RDF stores? - Might Jena Models help? If not, what are Jena Models actually useful for? Thanks, -- Rob Stewart
