Data Integration Based on SPARQL, WebID and Vocabularies
The basic architecture of a local LOD2 Stack installation is depicted in Fig. 6. All components in the LOD2 Stack act upon RDF data and are able to communicate via SPARQL with the central system-wide RDF quad store (i.e. SPARQL backend). This quad store (Openlink Virtuoso) manages user graphs (knowledge bases) as well as a set of speciﬁc system graphs where the behaviour and status of the overall system is described. The following system graphs are currently used:
In addition to the standard Debian package content, each LOD2 Stack package consists of a RDF package info which contains:
• The basic package description, e.g. labels, dates, maintainer info (this is basically DOAP data and redundant to the classic Debian control ﬁle)
• Pointers to the place where the application is available (e.g. the menu entry in the LOD2 Stack workbench)
• A list of capabilities of the packed software (e.g. resource linking, RDB extraction). These capabilities are part of a controlled vocabulary. The terms are used as pointers for provenance logging, access control deﬁnition and a future capability browser of the LOD2 workbench.
Upon installation, the package info is automatically added to the package graph to allow the workbench / demonstrator to query which applications are available and what is the user able to do with them.
Fig. 7. The visualization widgets CubeViz (statistic) and SemMap (spatial data).
Access Control Graph:
This system graph is related to WebID  authentication and describes which users are able to use which capabilities and have access to which graphs. The default state of this graph contains no restrictions, but could be used to restrict certain WebIDs to speciﬁc capabilities. Currently, only OntoWiki takes this graph into account and the access control deﬁnition is based on the WebAccessControl schema .
Each software package is able to log system wide provenance information to reﬂect the evolution of a certain knowledge base. Diﬀerent ontologies are developed for that use-case. To keep the context of the LOD2 Stack, we use the controlled capability vocabulary as reference points.
In addition to the SPARQL protocol endpoint, application packages can use a set of APIs which allow queries and manipulation currently not available with SPARQL alone (e.g. fetching graph information and manipulating namespaces). Two authorized administration tools are allowed to manipulate the package and access control graphs:
• The Debian system installer application automatically adds and removes package descriptions during install / upgrade and remove operations.
• The LOD2 Workbench (Demonstrator) is able to manipulate the access control graph.
All other packages are able to use the APIs as well as to create, update and delete knowledge bases. Chapter 5 gives an comprehensive overview on the LOD2 Stack components.