This document describes a threat model for RDF.
As you can probably tell, it is very much work-in-progress.
Different actors using RDF (enlarge)
A producer is producing RDF data that is shared via a channel, and stored in a SPARQL store.
A copy of that RDF data is received via the same channel, and inspected by a consumer.
Another consumer is using an application that is processing that copy of the RDF data.
A third consumer is querying an endpoint exposed by the RDF store.
A data architect is producing a schema, which describes both the initial RDF data and its copy.