Hi, is there a way how to give RDF subject/property/object read/write permissions with VPD policy? I only can give SELECT/UPDATE/DELETE permission to whole application table, but can I give read/write permissions to RDF subject, property or object?
Edited by: user1000476 on 29.4.2011 10:22
The recommended way to achieve fine-grained security for RDF Data is using triple-level Oracle Label Security (OLS).
VPD for RDF does not currently support updates.
I have to decide between VPD and OLS. OLS is for me better, but it must be installed. I read manual and what about my tables and data - I lose it all? (Question 1)
I have a problem with installation process. There are two places where I can run Universal Installer:
a) the place where I downloaded und unpacked database data
b) path $ORACLE_HOME/oui/bin/runInstaller
In place a) I can't install OLS into existing database. I got a warning and I have to choose different path where isn't any database yet.
In place b) I can choose an existing database, select Advanced installation and check Oracle Label Security option. But when I click Install I get an error ( I do not remember error description, but I didn't find it using Google - no results). How should I install OLS into existing DB? (Question 2)
(Release 22.214.171.124.0, OS: Ubuntu 10.10 x86_64, 2.6.35-28-generic)
Thanks for your answers.
You can NOT add OLS to an existing ORACLE_HOME
If you have a Production installation, then you better leave that one alone and do an new Test installation. Once you install the Test installation you can move data from the Production to do your tests in RDF+OLS
As you may already know when installing when you get to this screen:
"Select Database Edition"
Enterprise Edition -> in this screen click "Select Options" button and check "Oracle Label Security"
Once you have installed this Oracle Home and a new database, connect as / as sysdba and install the OLS dictionary.
sqlplus / as sysdba
Note: OLS installation comprises two parts.
1. The binaries in the ORACLE_HOME outside the database (installed with the Oracle Installer)
2. The OLS dictionary (Tables, View, Packages) (installed with the script catols.sql)
It is not supported to use the export/import for RDF data.
In order to load the model into the Test Database, it is necessary to have the data in a file in N-Triple format.
if you do not have the original data in N-Triple format or RDF/XML, then you need to extract it from the Prod database.
Once you have the file in N-Triple format you can use the Bulk Loading method using Sql*Loader.
From the Production database where the model is, you can extract the model out to an N-Triple file using the Jena Adaptor.
In order to dump an existing model to N-Triple format to load it in another databasae do the following:
create file dump_model.java:
public class dump_model
public static void main(String args) throws Exception
String szJdbcURL = args;
String szUser = args;
String szPasswd = args;
String szModelName = args;
Oracle oracle = new Oracle(szJdbcURL, szUser, szPasswd);
Model model = ModelOracleSem.createOracleSemModel(oracle, szModelName);
OutputStream os = new FileOutputStream("./output.nt");
Change the commands according to the versions of Jena and Arq, this example is from past versions.
javac -classpath ./:./jena-2.6.2.jar:./sdordfclient.jar:./ojdbc5.jar:slf4j-api-1.5.6.jar:log4j-1.2.13.jar:slf4j-log4j12-1.5.6.jar:arq-2.8.1.jar:xercesImpl-2.7.1.jar dump_model.java
rdfusr rdfusr family to <user> <password> <model_name>
@machine.domain:1521:orcl with your connection info: @machine.domain:port:SID
-- To run:
java -classpath ./:./jena-2.6.2.jar:./sdordfclient.jar:./ojdbc5.jar:slf4j-api-1.5.6.jar:log4j-1.2.13.jar:slf4j-log4j12-1.5.6.jar:arq-2.8.1.jar:xercesImpl-2.7.1.jar:iri-0.7.jar:icu4j-3.4.4.jar dump_model jdbc:oracle:thin:@machine.domain:1521:orcl rdfusr rdfusr family
The N-Triple file output.nt should be created in <JENA_DIR>/lib
The NTriple file can be used to load the model into another database.
To donwload the Jena Adaptor go to:
click on "Download the Jena Adaptor for Oracle Database 11g Release 2 (ZIP - 772KB)"
This version of Jena Adaptor needs:
Jena 2.6.3, ARQ 2.8.5, Java JDK 1.6