diff --git a/api/src/main/java/edu/cornell/mannlib/vedit/controller/BaseEditController.java b/api/src/main/java/edu/cornell/mannlib/vedit/controller/BaseEditController.java
index 23a3e6f51e..93a27e0e97 100644
--- a/api/src/main/java/edu/cornell/mannlib/vedit/controller/BaseEditController.java
+++ b/api/src/main/java/edu/cornell/mannlib/vedit/controller/BaseEditController.java
@@ -2,6 +2,9 @@
 
 package edu.cornell.mannlib.vedit.controller;
 
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.NOT_RELATED;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.SUPPRESSION_BY_TYPE;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.SUPPRESSION_BY_URI;
 import static edu.cornell.mannlib.vitro.webapp.modelaccess.ModelAccess.ReasoningOption.ASSERTIONS_ONLY;
 
 import java.text.Collator;
@@ -12,13 +15,11 @@
 import java.util.Comparator;
 import java.util.Enumeration;
 import java.util.HashMap;
-import java.util.HashSet;
 import java.util.LinkedHashMap;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
 import java.util.Random;
-import java.util.Set;
 
 import javax.servlet.http.HttpServletRequest;
 
@@ -27,6 +28,7 @@
 import edu.cornell.mannlib.vedit.util.FormUtils;
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
+import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionSets;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.EntityPolicyController;
 import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
 import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
@@ -40,7 +42,18 @@
 
 public class BaseEditController extends VitroHttpServlet {
 
+    private static final String OPERATIONS_TO_ROLES = "operationsToRoles";
+
+    public static final String URI_SUPPRESSIONS = "uriSuppressions";
+
+    public static final String TYPE_SUPPRESSIONS = "typeSuppressions";
+
+    public static final String TYPE_SUPPRESSIONS_NOT_RELATED = "typeSuppressionsNotRelated";
+
+    public static final String PROPERTY_SUPPRESSIONS_NOT_RELATED = "propertySuppressionsNotRelated";
+
     public static final String ENTITY_URI_ATTRIBUTE_NAME = "_permissionsEntityURI";
+    
     public static final String ENTITY_TYPE_ATTRIBUTE_NAME = "_permissionsEntityType";
 
     public static final boolean FORCE_NEW = true; // when you know you're starting a new edit process
@@ -215,15 +228,13 @@ public String getDefaultLandingPage(HttpServletRequest request) {
     protected static void addAccessAttributes(HttpServletRequest req, String entityURI, AccessObjectType aot) {
         // Add the permissionsEntityURI (if we are creating a new property, this will be empty)
         req.setAttribute(ENTITY_URI_ATTRIBUTE_NAME, entityURI);
-
+        String[] namedKeys = new String[0];
         // Get the available permission sets
         List<PermissionSet> permissionSets = buildListOfSelectableRoles(ModelAccess.on(req).getWebappDaoFactory());
         List<RoleInfo> roles = new ArrayList<>();
-        List<String> roleUris = new ArrayList<>();
 
         for (PermissionSet permissionSet : permissionSets) {
             roles.add(new RoleInfo(permissionSet));
-            roleUris.add(permissionSet.getUri());
         }
         List<AccessOperation> accessOperations = AccessOperation.getOperations(aot);
         // Operation, list of roles>
@@ -242,16 +253,110 @@ protected static void addAccessAttributes(HttpServletRequest req, String entityU
                     }
                 }
             }
-            if (!StringUtils.isEmpty(entityURI)) {
-                for (RoleInfo roleInfo : roleInfos) {
-                    if (roleInfo.isEnabled()) {
-                        roleInfo.setGranted(
-                                EntityPolicyController.isGranted(entityURI, aot, operation, roleInfo.getUri()));
-                    }
+            getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
+        }
+        req.setAttribute(OPERATIONS_TO_ROLES, operationsToRoles);
+    }
+
+    private static void getRolePolicyInformation(String entityURI, AccessObjectType aot, String[] namedKeys,
+            AccessOperation operation, List<RoleInfo> roleInfos) {
+        if (!StringUtils.isEmpty(entityURI)) {
+            for (RoleInfo roleInfo : roleInfos) {
+                if (roleInfo.isEnabled()) {
+                    roleInfo.setGranted(
+                            EntityPolicyController.isGranted(entityURI, aot, operation, roleInfo.getUri(), namedKeys));
                 }
             }
         }
-        req.setAttribute("operationsToRoles", operationsToRoles);
+    }
+    
+    protected static void addUriSuppressions(HttpServletRequest req, String entityURI, AccessObjectType aot) {
+        AccessOperation operation = AccessOperation.DISPLAY;
+        String[] namedKeys = new String[1];
+        namedKeys[0] = SUPPRESSION_BY_URI.toString();
+        // Get the available permission sets
+        List<PermissionSet> permissionSets = buildListOfSelectableRoles(ModelAccess.on(req).getWebappDaoFactory());
+        List<RoleInfo> roles = new ArrayList<>();
+
+        for (PermissionSet permissionSet : permissionSets) {
+            roles.add(new RoleInfo(permissionSet));
+        }
+        Map<String, List<RoleInfo>> uriSuppressionsToRoles = new LinkedHashMap<>();
+        List<RoleInfo> roleInfos = new LinkedList<>();
+        String operationName = StringUtils.capitalize(operation.toString().toLowerCase());
+        uriSuppressionsToRoles.put(operationName, roleInfos);
+        for (RoleInfo role : roles) {
+            RoleInfo roleCopy = role.clone();
+            roleInfos.add(roleCopy);
+        }
+        getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
+        req.setAttribute(URI_SUPPRESSIONS, uriSuppressionsToRoles);
+        req.setAttribute(ENTITY_URI_ATTRIBUTE_NAME, entityURI);
+    }
+
+    protected static void addTypeSuppressions(HttpServletRequest req, String entityURI, AccessObjectType aot) {
+        AccessOperation operation = AccessOperation.DISPLAY;
+        String[] namedKeys = new String[1];
+        namedKeys[0] = SUPPRESSION_BY_TYPE.toString();
+        // Get the available permission sets
+        List<PermissionSet> permissionSets = buildListOfSelectableRoles(ModelAccess.on(req).getWebappDaoFactory());
+        List<RoleInfo> roles = new ArrayList<>();
+
+        for (PermissionSet permissionSet : permissionSets) {
+            roles.add(new RoleInfo(permissionSet));
+        }
+        Map<String, List<RoleInfo>> typeSuppressionsToRoles = new LinkedHashMap<>();
+        List<RoleInfo> roleInfos = new LinkedList<>();
+        String operationName = StringUtils.capitalize(operation.toString().toLowerCase());
+        typeSuppressionsToRoles.put(operationName, roleInfos);
+        for (RoleInfo role : roles) {
+            RoleInfo roleCopy = role.clone();
+            roleInfos.add(roleCopy);
+        }
+        getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
+        req.setAttribute(TYPE_SUPPRESSIONS, typeSuppressionsToRoles);
+    }
+
+    protected static void addNotRelatedTypeSuppressions(HttpServletRequest req, String entityURI, AccessObjectType aot) {
+        AccessOperation operation = AccessOperation.DISPLAY;
+        String[] namedKeys = new String[2];
+        namedKeys[0] = SUPPRESSION_BY_TYPE.toString();
+        namedKeys[1] = NOT_RELATED.toString();
+        
+        RoleInfo role = getSelfEditorRole(req);
+        Map<String, List<RoleInfo>> typeSuppressionsToRoles = new LinkedHashMap<>();
+        List<RoleInfo> roleInfos = new LinkedList<>();
+        String operationName = StringUtils.capitalize(operation.toString().toLowerCase());
+        typeSuppressionsToRoles.put(operationName, roleInfos);
+        roleInfos.add(role);
+
+        getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
+        req.setAttribute(TYPE_SUPPRESSIONS_NOT_RELATED, typeSuppressionsToRoles);
+    }
+
+    protected static RoleInfo getSelfEditorRole(HttpServletRequest req) {
+        PermissionSet permissionSet = ModelAccess.on(req).getWebappDaoFactory().getUserAccountsDao()
+                .getPermissionSetByUri(PermissionSets.URI_SELF_EDITOR);
+        RoleInfo role = new RoleInfo(permissionSet);
+        return role;
+    }
+
+    protected static void addNotRelatedPropertySuppressions(HttpServletRequest req, String entityURI,
+            AccessObjectType aot) {
+        AccessOperation operation = AccessOperation.DISPLAY;
+        String[] namedKeys = new String[2];
+        namedKeys[0] = SUPPRESSION_BY_URI.toString();
+        namedKeys[1] = NOT_RELATED.toString();
+        
+        RoleInfo role = getSelfEditorRole(req);
+        Map<String, List<RoleInfo>> propertySuppressionsToRoles = new LinkedHashMap<>();
+        List<RoleInfo> roleInfos = new LinkedList<>();
+        String operationName = StringUtils.capitalize(operation.toString().toLowerCase());
+        propertySuppressionsToRoles.put(operationName, roleInfos);
+        roleInfos.add(role);
+
+        getRolePolicyInformation(entityURI, aot, namedKeys, operation, roleInfos);
+        req.setAttribute(PROPERTY_SUPPRESSIONS_NOT_RELATED, propertySuppressionsToRoles);
     }
 
     static boolean isPublicForbiddenOperation(AccessOperation operation) {
diff --git a/api/src/main/java/edu/cornell/mannlib/vedit/controller/OperationController.java b/api/src/main/java/edu/cornell/mannlib/vedit/controller/OperationController.java
index 6953d7e343..db98ba2a97 100644
--- a/api/src/main/java/edu/cornell/mannlib/vedit/controller/OperationController.java
+++ b/api/src/main/java/edu/cornell/mannlib/vedit/controller/OperationController.java
@@ -2,10 +2,16 @@
 
 package edu.cornell.mannlib.vedit.controller;
 
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType.CLASS;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType.INDIVIDUAL;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation.DISPLAY;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.NOT_RELATED;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.SUPPRESSION_BY_TYPE;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.SUPPRESSION_BY_URI;
+
 import java.io.IOException;
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
-import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Enumeration;
 import java.util.HashMap;
@@ -19,19 +25,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
-import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
-import edu.cornell.mannlib.vitro.webapp.auth.attributes.OperationGroup;
-import edu.cornell.mannlib.vitro.webapp.auth.policy.EntityPolicyController;
-import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
-import edu.cornell.mannlib.vitro.webapp.modelaccess.ModelAccess;
-import org.apache.commons.lang3.EnumUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
 import edu.cornell.mannlib.vedit.beans.EditProcessObject;
-import edu.cornell.mannlib.vedit.controller.BaseEditController.RoleInfo;
 import edu.cornell.mannlib.vedit.forwarder.PageForwarder;
 import edu.cornell.mannlib.vedit.listener.ChangeListener;
 import edu.cornell.mannlib.vedit.listener.EditPreProcessor;
@@ -40,6 +34,15 @@
 import edu.cornell.mannlib.vedit.util.OperationUtils;
 import edu.cornell.mannlib.vedit.validator.ValidationObject;
 import edu.cornell.mannlib.vedit.validator.Validator;
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.EntityPolicyController;
+import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
+import edu.cornell.mannlib.vitro.webapp.modelaccess.ModelAccess;
+import org.apache.commons.lang3.EnumUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 
 @WebServlet(name = "OperationController", urlPatterns = {"/doEdit"} )
 public class OperationController extends BaseEditController {
@@ -138,39 +141,10 @@ public void doPost (HttpServletRequest request, HttpServletResponse response) {
 
             // If contains restrictions
             if (request.getParameter("_permissions") != null) {
-                // Get the namespace that we are editing
-                String entityUri = request.getParameter(ENTITY_URI_ATTRIBUTE_NAME);
-                if (StringUtils.isEmpty(entityUri)) {
-                    // If we don't have a namespace set, we are creating a new entity so use that namespace
-                    if (!StringUtils.isEmpty(request.getParameter("Namespace")) && !StringUtils.isEmpty(request.getParameter("LocalName"))) {
-                        entityUri = "" + request.getParameter("Namespace") + request.getParameter("LocalName");    
-                    }
-                }
-                String entityType = request.getParameter(ENTITY_TYPE_ATTRIBUTE_NAME);
-                List<PermissionSet> permissionSets = buildListOfSelectableRoles(ModelAccess.on(request).getWebappDaoFactory());
-                Set<RoleInfo> roles = new HashSet<>();
-                for (PermissionSet permissionSet : permissionSets) {
-                    roles.add(new RoleInfo(permissionSet));
-                }  
-                AccessObjectType aot = getAccessObjectType(entityUri, entityType);
-                if (aot != null) {
-                    List<AccessOperation> operations = AccessOperation.getOperations(aot);
-                    for (AccessOperation ao : operations) {
-                        String operationGroupName = ao.toString().toLowerCase().split("_")[0];
-                        Set<String> selectedRoles = getSelectedRoles(request, operationGroupName);
-                        for (RoleInfo role : roles) {
-                            if (role.isPublic() && isPublicForbiddenOperation(ao)) {
-                                continue;
-                            }
-                            if (selectedRoles.contains(role.getUri())) {
-                                EntityPolicyController.grantAccess(entityUri, aot, ao, role.getUri());    
-                            } else {
-                                EntityPolicyController.revokeAccess(entityUri, aot, ao, role.getUri());
-                            }
-                            
-                        }
-                    }
-                }
+                updatePermissions(request);
+            }
+            if (isUriSuppressionsPresent(request)) {
+                updateUriSuppressions(request);
             }
 
             /* put request parameters and attributes into epo where the listeners can see */
@@ -230,6 +204,155 @@ public void doPost (HttpServletRequest request, HttpServletResponse response) {
         }
     }
 
+    private void updateUriSuppressions(HttpServletRequest request) {
+        String entityUri = request.getParameter(ENTITY_URI_ATTRIBUTE_NAME);
+        if (entityUri == null) {
+            return;
+        }
+        String entityType = request.getParameter(ENTITY_TYPE_ATTRIBUTE_NAME);
+        AccessObjectType aot = getAccessObjectType(entityUri, entityType);
+        if (aot == null) {
+            return;
+        }
+        updateUriSuppressions(request, aot, entityUri);
+    }
+
+    private void updatePermissions(HttpServletRequest request) {
+        // Get the namespace that we are editing
+        String entityUri = request.getParameter(ENTITY_URI_ATTRIBUTE_NAME);
+        if (StringUtils.isEmpty(entityUri)) {
+            // If we don't have a namespace set, we are creating a new entity so use that namespace
+            if (!StringUtils.isEmpty(request.getParameter("Namespace")) && !StringUtils.isEmpty(request.getParameter("LocalName"))) {
+                entityUri = "" + request.getParameter("Namespace") + request.getParameter("LocalName");    
+            }
+        }
+        String entityType = request.getParameter(ENTITY_TYPE_ATTRIBUTE_NAME);
+        AccessObjectType aot = getAccessObjectType(entityUri, entityType);
+        if (aot == null) {
+            return;
+        }
+        updateEntityPermissions(request, entityUri, aot);
+        updateTypeSuppressions(request, aot, entityUri);
+        updateNotRelatedTypeSuppressions(request, aot, entityUri);
+        updateNotRelatedPropertySuppressions(request, aot, entityUri);
+    }
+
+    private void updateEntityPermissions(HttpServletRequest request, String entityUri, AccessObjectType aot) {
+        Set<RoleInfo> roles = getAllRoles(request);
+        List<AccessOperation> operations = AccessOperation.getOperations(aot);
+        for (AccessOperation ao : operations) {
+            String operationGroupName = ao.toString().toLowerCase();
+            Set<String> selectedRoles = getSelectedRoles(request, operationGroupName);
+            for (RoleInfo role : roles) {
+                if (role.isPublic() && isPublicForbiddenOperation(ao)) {
+                    continue;
+                }
+                if (selectedRoles.contains(role.getUri())) {
+                    EntityPolicyController.grantAccess(entityUri, aot, ao, role.getUri());    
+                } else {
+                    EntityPolicyController.revokeAccess(entityUri, aot, ao, role.getUri());
+                }
+            }
+        }
+    }
+
+    private Set<RoleInfo> getAllRoles(HttpServletRequest request) {
+        List<PermissionSet> permissionSets = buildListOfSelectableRoles(ModelAccess.on(request).getWebappDaoFactory());
+        Set<RoleInfo> roles = new HashSet<>();
+        for (PermissionSet permissionSet : permissionSets) {
+            roles.add(new RoleInfo(permissionSet));
+        }
+        return roles;
+    }
+    
+    private void updateUriSuppressions(HttpServletRequest request, AccessObjectType aot, String entityUri) {
+        if (!AccessObjectType.INDIVIDUAL.equals(aot)) {
+            return;
+        }
+        String[] namedKeys = new String[1];
+        namedKeys[0] = SUPPRESSION_BY_URI.toString();
+        Set<RoleInfo> roles = getAllRoles(request);
+        String operationGroupName = "uriSuppression" + DISPLAY.toString().toLowerCase();
+        Set<String> selectedRoles = getSelectedRoles(request, operationGroupName);
+        for (RoleInfo role : roles) {
+            if (selectedRoles.contains(role.getUri())) {
+                EntityPolicyController.grantAccess(entityUri, aot, DISPLAY, role.getUri(), namedKeys);
+            } else {
+                EntityPolicyController.revokeAccess(entityUri, aot, DISPLAY, role.getUri(), namedKeys);
+            }
+        }
+    }
+    
+    private void updateTypeSuppressions(HttpServletRequest request, AccessObjectType aot, String entityUri) {
+        if (!isTypeSuppressionsPresent(request) || !AccessObjectType.CLASS.equals(aot)) {
+            return;
+        }
+        String[] namedKeys = new String[1];
+        namedKeys[0] = SUPPRESSION_BY_TYPE.toString();
+        Set<RoleInfo> roles = getAllRoles(request);
+        String operationGroupName = "typeSuppression" + DISPLAY.toString().toLowerCase();
+        Set<String> selectedRoles = getSelectedRoles(request, operationGroupName);
+        for (RoleInfo role : roles) {
+            if (selectedRoles.contains(role.getUri())) {
+                EntityPolicyController.grantAccess(entityUri, INDIVIDUAL, DISPLAY, role.getUri(), namedKeys);
+            } else {
+                EntityPolicyController.revokeAccess(entityUri, INDIVIDUAL, DISPLAY, role.getUri(), namedKeys);
+            }
+        }
+    }
+
+    private void updateNotRelatedTypeSuppressions(HttpServletRequest request, AccessObjectType aot, String entityUri) {
+        if (!isNotRelatedTypeSuppressionsPresent(request) || !CLASS.equals(aot)) {
+            return;
+        }
+        String[] namedKeys = new String[2];
+        namedKeys[0] = SUPPRESSION_BY_TYPE.toString();
+        namedKeys[1] = NOT_RELATED.toString();
+        RoleInfo role = getSelfEditorRole(request);
+        String operationGroupName = "typeSuppressionNotRelated" + DISPLAY.toString().toLowerCase();
+        Set<String> selectedRoles = getSelectedRoles(request, operationGroupName);
+        if (selectedRoles.contains(role.getUri())) {
+            EntityPolicyController.grantAccess(entityUri, INDIVIDUAL, DISPLAY, role.getUri(), namedKeys);
+        } else {
+            EntityPolicyController.revokeAccess(entityUri, INDIVIDUAL, DISPLAY, role.getUri(), namedKeys);
+        }
+    }
+
+    private void updateNotRelatedPropertySuppressions(HttpServletRequest request, AccessObjectType aot,
+            String entityUri) {
+        if (!isNotRelatedPropertySuppressionsPresent(request)) {
+            return;
+        }
+        String[] namedKeys = new String[2];
+        namedKeys[0] = SUPPRESSION_BY_URI.toString();
+        namedKeys[1] = NOT_RELATED.toString();
+        RoleInfo role = getSelfEditorRole(request);
+        String operationGroupName = "propertySuppressionNotRelated" + DISPLAY.toString().toLowerCase();
+        Set<String> selectedRoles = getSelectedRoles(request, operationGroupName);
+        if (selectedRoles.contains(role.getUri())) {
+            EntityPolicyController.grantAccess(entityUri, aot, DISPLAY, role.getUri(), namedKeys);
+        } else {
+            EntityPolicyController.revokeAccess(entityUri, aot, DISPLAY, role.getUri(), namedKeys);
+        }
+    }
+    
+    
+    private boolean isUriSuppressionsPresent(HttpServletRequest request) {
+        return request.getParameter(URI_SUPPRESSIONS) != null;
+    }
+
+    private boolean isNotRelatedPropertySuppressionsPresent(HttpServletRequest request) {
+        return request.getParameter(PROPERTY_SUPPRESSIONS_NOT_RELATED) != null;
+    }
+
+    private boolean isTypeSuppressionsPresent(HttpServletRequest request) {
+        return request.getParameter(TYPE_SUPPRESSIONS) != null;
+    }
+
+    private boolean isNotRelatedTypeSuppressionsPresent(HttpServletRequest request) {
+        return request.getParameter(TYPE_SUPPRESSIONS_NOT_RELATED) != null;
+    }
+
     private Set<String> getSelectedRoles(HttpServletRequest request, String operationGroupName) {
         String[] selectedRoles = request.getParameterValues(operationGroupName + "Roles");
         if (selectedRoles == null) {
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AccessObjectType.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AccessObjectType.java
index 48ca429fb7..1358c827a4 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AccessObjectType.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AccessObjectType.java
@@ -15,4 +15,5 @@ public enum AccessObjectType {
     FAUX_DATA_PROPERTY,
     FAUX_DATA_PROPERTY_STATEMENT,
     FAUX_OBJECT_PROPERTY_STATEMENT,
+    INDIVIDUAL,
 }
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AttributeValueKey.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AttributeValueKey.java
index 8dfec3aa30..ec65c5f1e0 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AttributeValueKey.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AttributeValueKey.java
@@ -1,39 +1,59 @@
 package edu.cornell.mannlib.vitro.webapp.auth.attributes;
 
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Set;
+
 import org.apache.commons.lang3.builder.EqualsBuilder;
 import org.apache.commons.lang3.builder.HashCodeBuilder;
 
 public class AttributeValueKey {
 
-    private AccessOperation ao;
-    private AccessObjectType aot;
+    private AccessOperation accessOperation;
+    private AccessObjectType accessObjectType;
     private String role;
     private String type;
+    private Set<String> namedKeyComponents = new HashSet<>();
+
+    public Set<String> getNamedKeyComponents() {
+        return namedKeyComponents;
+    }
 
     public AttributeValueKey() {
     }
 
-    public AttributeValueKey(AccessOperation ao, AccessObjectType aot, String role, String type) {
-        this.ao = ao;
-        this.aot = aot;
+    public AttributeValueKey(AccessOperation ao, AccessObjectType aot, String role, String type,
+            String... namedKeyComponents) {
+        this.accessOperation = ao;
+        this.accessObjectType = aot;
         this.role = role;
         this.type = type;
+        this.namedKeyComponents = new HashSet<>(Arrays.asList(namedKeyComponents));
+    }
+
+    public AttributeValueKey(AccessOperation ao, AccessObjectType aot, String role, String type,
+            Set<String> namedKeyComponents) {
+        this.accessOperation = ao;
+        this.accessObjectType = aot;
+        this.role = role;
+        this.type = type;
+        this.namedKeyComponents = namedKeyComponents;
     }
 
     public AccessOperation getAccessOperation() {
-        return ao;
+        return accessOperation;
     }
 
     public void setOperation(AccessOperation ao) {
-        this.ao = ao;
+        this.accessOperation = ao;
     }
 
     public AccessObjectType getObjectType() {
-        return aot;
+        return accessObjectType;
     }
 
     public void setObjectType(AccessObjectType aot) {
-        this.aot = aot;
+        this.accessObjectType = aot;
     }
 
     public String getRole() {
@@ -52,12 +72,16 @@ public void setType(String type) {
         this.type = type;
     }
 
+    public void addNamedKey(String key) {
+        namedKeyComponents.add(key);
+    }
+
     public AttributeValueKey clone() {
-        return new AttributeValueKey(ao, aot, role, type);
+        return new AttributeValueKey(accessOperation, accessObjectType, role, type, namedKeyComponents);
     }
 
     public boolean isEmpty() {
-        return ao == null && aot == null && role == null && type == null;
+        return accessOperation == null && accessObjectType == null && role == null && type == null;
     }
 
     @Override
@@ -75,6 +99,7 @@ public boolean equals(Object object) {
                 .append(getObjectType(), compared.getObjectType())
                 .append(getRole(), compared.getRole())
                 .append(getType(), compared.getType())
+                .append(getNamedKeyComponents(), compared.getNamedKeyComponents())
                 .isEquals();
     }
 
@@ -85,6 +110,7 @@ public int hashCode() {
                 .append(getObjectType())
                 .append(getRole())
                 .append(getType())
+                .append(getNamedKeyComponents())
                 .toHashCode();
     }
 }
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AttributeValueSet.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AttributeValueSet.java
index d8902b2509..902175b094 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AttributeValueSet.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/AttributeValueSet.java
@@ -1,5 +1,7 @@
 package edu.cornell.mannlib.vitro.webapp.auth.attributes;
 
+import java.util.Set;
+
 public interface AttributeValueSet {
 
     void add(String value);
@@ -26,4 +28,6 @@ public interface AttributeValueSet {
 
     void setKey(AttributeValueKey key);
 
+    Set<String> getValues();
+
 }
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/MutableAttributeValueSet.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/MutableAttributeValueSet.java
index e00b670632..413ded0957 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/MutableAttributeValueSet.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/MutableAttributeValueSet.java
@@ -55,6 +55,10 @@ public String getSingleValue() {
         return "";
     }
 
+    public Set<String> getValues() {
+        return values;
+    }
+
     @Override
     public boolean isEmpty() {
         return values.isEmpty();
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/NamedKeyComponent.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/NamedKeyComponent.java
new file mode 100644
index 0000000000..09a7bc4894
--- /dev/null
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/NamedKeyComponent.java
@@ -0,0 +1,7 @@
+package edu.cornell.mannlib.vitro.webapp.auth.attributes;
+
+public enum NamedKeyComponent {
+    SUPPRESSION_BY_URI,
+    SUPPRESSION_BY_TYPE,
+    NOT_RELATED,
+}
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/ValueSetFactory.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/ValueSetFactory.java
index dc05586edd..e85d999520 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/ValueSetFactory.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/attributes/ValueSetFactory.java
@@ -16,8 +16,12 @@ public static AttributeValueSet create(String value, QuerySolution qs, Attribute
             if (avc == null) {
                 return createNew(value, qs, dataSetKey, avcKey);
             } else {
-                return returnFromRegistry(value, avc);
+                Optional<String> setUri = getSetUri(qs);
+                if (!setUri.isPresent() || !setUri.get().equals(avc.getValueSetUri())) {
+                    return createNew(value, qs, dataSetKey, avcKey);
+                }
             }
+            return returnFromRegistry(value, avc);
         }
     }
 
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/AbstractCheck.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/AbstractCheck.java
index 2409e02809..ccdf73b98e 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/AbstractCheck.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/AbstractCheck.java
@@ -11,6 +11,7 @@ public abstract class AbstractCheck implements Check {
     private AttributeValueSet values;
     private String uri;
     private long computationalCost;
+    private String configuration;
 
     private CheckType testType = CheckType.EQUALS;
 
@@ -36,12 +37,18 @@ public void setType(CheckType testType) {
         adjustComputationCost(testType);
     }
 
-    @Override
+    public String getConfiguration() {
+        return configuration;
+    }
+
+    public void setConfiguration(String configuration) {
+        this.configuration = configuration;
+    }
+
     public void addValue(String value) {
         values.add(value);
     }
 
-    @Override
     public AttributeValueSet getValues() {
         return values;
     }
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/AttributeValueChecker.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/AttributeValueChecker.java
index dd5cb7a081..3ad814622b 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/AttributeValueChecker.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/AttributeValueChecker.java
@@ -2,19 +2,10 @@
 
 package edu.cornell.mannlib.vitro.webapp.auth.checks;
 
-import java.util.Arrays;
-import java.util.List;
-
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AttributeValueSet;
-import edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.jena.rdf.model.Model;
 
 public class AttributeValueChecker {
-    private static final Log log = LogFactory.getLog(AttributeValueChecker.class);
 
     static boolean test(Check attr, AuthorizationRequest ar, String... values) {
         CheckType testType = attr.getType();
@@ -30,44 +21,14 @@ static boolean test(Check attr, AuthorizationRequest ar, String... values) {
             case STARTS_WITH:
                 return startsWith(attr, values);
             case SPARQL_SELECT_QUERY_RESULTS_CONTAIN:
-                return sparqlQueryContains(attr, ar, values);
+                return SparqlSelectQueryResultsChecker.sparqlSelectQueryResultsContain(attr, ar, values);
             case SPARQL_SELECT_QUERY_RESULTS_NOT_CONTAIN:
-                return !sparqlQueryContains(attr, ar, values);
+                return !SparqlSelectQueryResultsChecker.sparqlSelectQueryResultsContain(attr, ar, values);
             default:
                 return false;
         }
     }
 
-    private static boolean sparqlQueryContains(Check attr, AuthorizationRequest ar, String[] inputValues) {
-        AttributeValueSet values = attr.getValues();
-        if (!values.containsSingleValue()) {
-            log.error("SparqlQueryContains more than  one value");
-            return false;
-        }
-        String queryTemplate = values.getSingleValue();
-        if (StringUtils.isBlank(queryTemplate)) {
-            log.error("SparqlQueryContains template is empty");
-            return false;
-        }
-        AccessObject ao = ar.getAccessObject();
-        Model m = ao.getStatementOntModel();
-        if (m == null) {
-            log.debug("SparqlQueryContains model is not provided");
-            return false;
-        }
-        List<String> personUris = ar.getEditorUris();
-        if (personUris.isEmpty()) {
-            if (queryTemplate.contains("?personUri")) {
-                log.debug("Subject has no person URIs");
-                return false;
-            } else {
-                personUris.add("");
-            }
-        }
-        List<String> resourceUris = Arrays.asList(ao.getResourceUris());
-        return ProximityChecker.isAnyRelated(m, resourceUris, personUris, queryTemplate);
-    }
-
     private static boolean contains(Check attr, String... inputValues) {
         AttributeValueSet values = attr.getValues();
         for (String inputValue : inputValues) {
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/Check.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/Check.java
index 99a06bc020..7f6ee08d7b 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/Check.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/Check.java
@@ -26,4 +26,8 @@ public interface Check {
 
     long getComputationalCost();
 
+    void setConfiguration(String configuration);
+
+    String getConfiguration();
+
 }
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/CheckFactory.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/CheckFactory.java
index 1a18355be8..444ca2d8b0 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/CheckFactory.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/CheckFactory.java
@@ -8,6 +8,7 @@
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.ValueSetFactory;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyLoader;
 import org.apache.jena.query.QuerySolution;
+import org.apache.jena.rdf.model.RDFNode;
 
 public class CheckFactory {
 
@@ -48,9 +49,18 @@ public static Check createCheck(QuerySolution qs, AttributeValueKey dataSetKey)
                 check = null;
         }
         check.setType(CheckType.valueOf(testId));
+        setConfiguration(qs, check);
         return check;
     }
 
+    private static void setConfiguration(QuerySolution qs, Check check) {
+        RDFNode rdfNode = qs.get("config");
+        if (rdfNode == null || !rdfNode.isLiteral()) {
+            return;
+        }
+        check.setConfiguration(rdfNode.asLiteral().toString());
+    }
+
     private static String getValue(QuerySolution qs) {
         if (!qs.contains(PolicyLoader.LITERAL_VALUE) || !qs.get(PolicyLoader.LITERAL_VALUE).isLiteral()) {
             String value = qs.getResource(PolicyLoader.ATTR_VALUE).getURI();
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/ProximityChecker.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/ProximityChecker.java
deleted file mode 100644
index e1f4931008..0000000000
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/ProximityChecker.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/* $This file is distributed under the terms of the license in LICENSE$ */
-
-package edu.cornell.mannlib.vitro.webapp.auth.checks;
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.jena.query.ParameterizedSparqlString;
-import org.apache.jena.query.Query;
-import org.apache.jena.query.QueryExecution;
-import org.apache.jena.query.QueryExecutionFactory;
-import org.apache.jena.query.QueryFactory;
-import org.apache.jena.query.QuerySolution;
-import org.apache.jena.query.ResultSet;
-import org.apache.jena.rdf.model.Model;
-import org.apache.jena.rdf.model.RDFNode;
-
-public class ProximityChecker {
-    private static final Log log = LogFactory.getLog(ProximityChecker.class);
-
-    public static boolean isAnyRelated(Model ontModel, List<String> resourceUris, List<String> personUris,
-            String query) {
-        for (String personUri : personUris) {
-            List<String> connectedResourceUris = getRelatedUris(ontModel, personUri, query);
-            for (String connectedResourceUri : connectedResourceUris) {
-                if (resourceUris.contains(connectedResourceUri)) {
-                    return true;
-                }
-            }
-        }
-        return false;
-    }
-
-    private static List<String> getRelatedUris(Model model, String personUri, String queryTemplate) {
-        HashMap<String, List<String>> queryMap = QueryResultsMapCache.get();
-        String queryMapKey = createQueryMapKey(personUri, queryTemplate);
-        if (queryMap.containsKey(queryMapKey)) {
-            return queryMap.get(queryMapKey);
-        }
-        List<String> results = new ArrayList<>();
-        ParameterizedSparqlString pss = new ParameterizedSparqlString();
-        pss.setCommandText(queryTemplate);
-        pss.setIri("personUri", personUri);
-        String queryText = pss.toString();
-        debug("queryText: " + queryText);
-        Query query = QueryFactory.create(queryText);
-        QueryExecution queryExecution = QueryExecutionFactory.create(query, model);
-        try {
-            ResultSet resultSet = queryExecution.execSelect();
-            while (resultSet.hasNext()) {
-                QuerySolution qs = resultSet.nextSolution();
-                addSolutionValues(results, qs);
-            }
-        } finally {
-            queryExecution.close();
-        }
-        debug("query results: " + results);
-        queryMap.put(queryMapKey, results);
-        QueryResultsMapCache.update(queryMap);
-        return results;
-    }
-
-    private static void addSolutionValues(List<String> results, QuerySolution qs) {
-        Iterator<String> names = qs.varNames();
-        while (names.hasNext()) {
-            String name = names.next();
-            RDFNode node = qs.get(name);
-            if (node.isURIResource()) {
-                results.add(node.asResource().getURI());
-            } else if (node.isLiteral()) {
-                results.add(node.asLiteral().toString());
-            }
-        }
-    }
-
-    private static void debug(String queryText) {
-        if (log.isDebugEnabled()) {
-            log.debug(queryText);
-        }
-    }
-
-    private static String createQueryMapKey(String personUri, String queryTemplate) {
-        return queryTemplate + "." + personUri;
-    }
-}
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/QueryResultsMapCache.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/QueryResultsMapCache.java
index 761131cdbd..7d6fd99691 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/QueryResultsMapCache.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/QueryResultsMapCache.java
@@ -4,7 +4,7 @@
 
 import java.io.IOException;
 import java.util.HashMap;
-import java.util.List;
+import java.util.Set;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -12,11 +12,11 @@
 public class QueryResultsMapCache implements AutoCloseable {
     private static final Log log = LogFactory.getLog(QueryResultsMapCache.class);
 
-    private static ThreadLocal<HashMap<String, List<String>>> threadLocal =
-            new ThreadLocal<HashMap<String, List<String>>>();
+    private static ThreadLocal<HashMap<String, Set<String>>> threadLocal =
+            new ThreadLocal<HashMap<String, Set<String>>>();
 
     public QueryResultsMapCache() {
-        threadLocal.set(new HashMap<String, List<String>>());
+        threadLocal.set(new HashMap<String, Set<String>>());
         log.debug("Query results map cache initialized");
     }
 
@@ -26,10 +26,10 @@ public void close() throws IOException {
         log.debug("QueryResultsMapCache is closed");
     }
 
-    public static HashMap<String, List<String>> get() {
-        HashMap<String, List<String>> queryResultsMap = threadLocal.get();
+    public static HashMap<String, Set<String>> get() {
+        HashMap<String, Set<String>> queryResultsMap = threadLocal.get();
         if (queryResultsMap == null) {
-            queryResultsMap = new HashMap<String, List<String>>();
+            queryResultsMap = new HashMap<String, Set<String>>();
             log.debug("Use a non-cached query results map");
         } else {
             log.debug("Use cached query results map");
@@ -37,7 +37,7 @@ public static HashMap<String, List<String>> get() {
         return queryResultsMap;
     }
 
-    public static void update(HashMap<String, List<String>> queryResultsMap) {
+    public static void update(HashMap<String, Set<String>> queryResultsMap) {
         if (threadLocal.get() != null) {
             threadLocal.set(queryResultsMap);
             log.debug("Query results map cache has been updated");
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/SparqlSelectQueryResultsChecker.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/SparqlSelectQueryResultsChecker.java
new file mode 100644
index 0000000000..75b62cfeae
--- /dev/null
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/checks/SparqlSelectQueryResultsChecker.java
@@ -0,0 +1,157 @@
+/* $This file is distributed under the terms of the license in LICENSE$ */
+
+package edu.cornell.mannlib.vitro.webapp.auth.checks;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Optional;
+import java.util.Set;
+
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AttributeValueSet;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.jena.query.ParameterizedSparqlString;
+import org.apache.jena.query.Query;
+import org.apache.jena.query.QueryExecution;
+import org.apache.jena.query.QueryExecutionFactory;
+import org.apache.jena.query.QueryFactory;
+import org.apache.jena.query.QuerySolution;
+import org.apache.jena.query.ResultSet;
+import org.apache.jena.rdf.model.Model;
+import org.apache.jena.rdf.model.RDFNode;
+
+public class SparqlSelectQueryResultsChecker {
+    private static final Log log = LogFactory.getLog(SparqlSelectQueryResultsChecker.class);
+
+    public static boolean sparqlSelectQueryResultsContain(Check check, AuthorizationRequest ar, String[] inputValues) {
+        String queryTemplate = check.getConfiguration();
+        if (StringUtils.isBlank(queryTemplate)) {
+            queryTemplate = check.getValues().getSingleValue();
+        }
+        if (StringUtils.isBlank(queryTemplate)) {
+            log.error("SparqlQueryContains template is empty");
+            return false;
+        }
+        AccessObject ao = ar.getAccessObject();
+        Model m = ao.getModel();
+        if (m == null) {
+            log.debug("SparqlQueryContains model is not provided");
+            return false;
+        }
+        Set<String> profileUris = new HashSet<String>(ar.getEditorUris());
+        if (profileUris.isEmpty()) {
+            if (queryTemplate.contains("?profileUri")) {
+                log.debug("Subject has no person URIs");
+                return false;
+            } else {
+                profileUris.add("");
+            }
+        }
+        Set<String> comparedValues = new HashSet<>();
+        if (isQueryNotProvidedInConfiguration(check)) {
+            addRelatedUrisToComparedValues(ao, comparedValues);
+        } else {
+            addValuesToComparedValues(check.getValues(), comparedValues);
+        }
+        for (String profileUri : profileUris) {
+            Set<String> sparqlSelectResults = getSparqlSelectResults(m, profileUri, queryTemplate, ar);
+            // Return true if intersection is not empty
+            comparedValues.retainAll(sparqlSelectResults);
+            if (!comparedValues.isEmpty()) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    private static void addValuesToComparedValues(AttributeValueSet values, Set<String> comparedValues) {
+        comparedValues.addAll(values.getValues());
+    }
+
+    private static void addRelatedUrisToComparedValues(AccessObject ao, Set<String> comparedValues) {
+        comparedValues.addAll(Arrays.asList(ao.getResourceUris()));
+    }
+
+    private static boolean isQueryNotProvidedInConfiguration(Check check) {
+        return StringUtils.isBlank(check.getConfiguration());
+    }
+
+    private static Set<String> getSparqlSelectResults(Model model, String profileUri, String queryTemplate,
+            AuthorizationRequest ar) {
+        HashMap<String, Set<String>> queryMap = QueryResultsMapCache.get();
+        String queryMapKey = createQueryMapKey(profileUri, queryTemplate, ar);
+        if (queryMap.containsKey(queryMapKey)) {
+            return queryMap.get(queryMapKey);
+        }
+        Set<String> results = new HashSet<>();
+        ParameterizedSparqlString pss = new ParameterizedSparqlString();
+        pss.setCommandText(queryTemplate);
+        setVariables(profileUri, ar, pss);
+
+        String queryText = pss.toString();
+        debug("queryText: " + queryText);
+        Query query = QueryFactory.create(queryText);
+        QueryExecution queryExecution = QueryExecutionFactory.create(query, model);
+        try {
+            ResultSet resultSet = queryExecution.execSelect();
+            while (resultSet.hasNext()) {
+                QuerySolution qs = resultSet.nextSolution();
+                addSolutionValues(results, qs);
+            }
+        } catch (Exception e) {
+            log.error(e, e);
+        } finally {
+            queryExecution.close();
+        }
+        debug("query results: " + results);
+        queryMap.put(queryMapKey, results);
+        QueryResultsMapCache.update(queryMap);
+        return results;
+    }
+
+    private static void setVariables(String profileUri, AuthorizationRequest ar, ParameterizedSparqlString pss) {
+        pss.setIri("profileUri", profileUri);
+        AccessObject object = ar.getAccessObject();
+        Optional<String> uri = object.getUri();
+        if (uri.isPresent()) {
+            pss.setIri("objectUri", uri.get());
+        }
+    }
+
+    private static void addSolutionValues(Set<String> results, QuerySolution qs) {
+        Iterator<String> names = qs.varNames();
+        while (names.hasNext()) {
+            String name = names.next();
+            RDFNode node = qs.get(name);
+            if (node.isURIResource()) {
+                results.add(node.asResource().getURI());
+            } else if (node.isLiteral()) {
+                results.add(node.asLiteral().toString());
+            }
+        }
+    }
+
+    private static void debug(String queryText) {
+        if (log.isDebugEnabled()) {
+            log.debug(queryText);
+        }
+    }
+
+    private static String createQueryMapKey(String profileUri, String queryTemplate, AuthorizationRequest ar) {
+        String mapKey = queryTemplate + "." + profileUri;
+        if (queryTemplate.contains("?objectUri")) {
+            AccessObject object = ar.getAccessObject();
+            Optional<String> uri = object.getUri();
+            if (uri.isPresent()) {
+                mapKey += "." + uri.get();
+            }
+        }
+        return mapKey;
+    }
+
+}
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/AccessObject.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/AccessObject.java
index 32e003cd5e..ffd0884537 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/AccessObject.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/AccessObject.java
@@ -15,6 +15,7 @@ public abstract class AccessObject {
     public static String SOME_URI = "?SOME_URI";
     public static Property SOME_PREDICATE = new Property(SOME_URI);
     public static String SOME_LITERAL = "?SOME_LITERAL";
+    private Model model = null;
 
     protected AccessObjectStatement statement;
     private DataProperty dataProperty;
@@ -50,16 +51,12 @@ protected void initializeStatement() {
         }
     }
 
-    public void setStatementOntModel(Model ontModel) {
-        initializeStatement();
-        statement.setModel(ontModel);
+    public void setModel(Model ontModel) {
+        model = ontModel;
     }
 
-    public Model getStatementOntModel() {
-        if (statement != null) {
-            return statement.getModel();
-        }
-        return null;
+    public Model getModel() {
+        return model;
     }
 
     public void setStatementSubject(String subject) {
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/AccessObjectStatement.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/AccessObjectStatement.java
index 91872cd146..db65bfa47a 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/AccessObjectStatement.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/AccessObjectStatement.java
@@ -4,23 +4,13 @@
 
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
 import edu.cornell.mannlib.vitro.webapp.beans.Property;
-import org.apache.jena.rdf.model.Model;
 
 public class AccessObjectStatement {
 
-    private Model model = null;
     private String subject = null;
     private Property predicate = null;
     private String object = null;
 
-    public Model getModel() {
-        return model;
-    }
-
-    public void setModel(Model model) {
-        this.model = model;
-    }
-
     public String getSubject() {
         return subject;
     }
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/DataPropertyStatementAccessObject.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/DataPropertyStatementAccessObject.java
index 644b71e116..f69731b63e 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/DataPropertyStatementAccessObject.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/DataPropertyStatementAccessObject.java
@@ -15,7 +15,7 @@ public class DataPropertyStatementAccessObject extends AccessObject {
 
     public DataPropertyStatementAccessObject(OntModel ontModel, String subjectUri, String predicateUri,
             String dataValue) {
-        setStatementOntModel(ontModel);
+        setModel(ontModel);
         setStatementSubject(subjectUri);
         setStatementPredicate(new Property(predicateUri));
         setStatementObject(dataValue);
@@ -24,7 +24,7 @@ public DataPropertyStatementAccessObject(OntModel ontModel, String subjectUri, S
 
     public DataPropertyStatementAccessObject(OntModel ontModel, String subjectUri, Property predicate,
             String dataValue) {
-        setStatementOntModel(ontModel);
+        setModel(ontModel);
         setStatementSubject(subjectUri);
         setStatementPredicate(predicate);
         setStatementObject(dataValue);
@@ -32,7 +32,7 @@ public DataPropertyStatementAccessObject(OntModel ontModel, String subjectUri, P
     }
 
     public DataPropertyStatementAccessObject(OntModel ontModel, DataPropertyStatement dps) {
-        setStatementOntModel(ontModel);
+        setModel(ontModel);
         setStatementSubject((dps.getIndividual() == null) ? dps.getIndividualURI() : dps.getIndividual().getURI());
         setStatementPredicate(new Property(dps.getDatapropURI()));
         setStatementObject(dps.getData());
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/FauxDataPropertyStatementAccessObject.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/FauxDataPropertyStatementAccessObject.java
index 61dbfcfd1e..383f47dcc9 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/FauxDataPropertyStatementAccessObject.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/FauxDataPropertyStatementAccessObject.java
@@ -12,7 +12,7 @@ public class FauxDataPropertyStatementAccessObject extends AccessObject {
 
     public FauxDataPropertyStatementAccessObject(OntModel ontModel, String subjectUri, FauxProperty predicate,
             String dataValue) {
-        setStatementOntModel(ontModel);
+        setModel(ontModel);
         setStatementSubject(subjectUri);
         this.predicate = predicate;
         setStatementObject(dataValue);
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/FauxObjectPropertyStatementAccessObject.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/FauxObjectPropertyStatementAccessObject.java
index 186a00505f..b710ae1722 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/FauxObjectPropertyStatementAccessObject.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/FauxObjectPropertyStatementAccessObject.java
@@ -12,7 +12,7 @@ public class FauxObjectPropertyStatementAccessObject extends AccessObject {
 
     public FauxObjectPropertyStatementAccessObject(Model ontModel, String subjectUri, FauxProperty fauxProperty,
             String objectUri) {
-        setStatementOntModel(ontModel);
+        setModel(ontModel);
         setStatementSubject(subjectUri);
         predicate = fauxProperty;
         setStatementObject(objectUri);
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/IndividualAccessObject.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/IndividualAccessObject.java
new file mode 100644
index 0000000000..0df44ff030
--- /dev/null
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/IndividualAccessObject.java
@@ -0,0 +1,26 @@
+package edu.cornell.mannlib.vitro.webapp.auth.objects;
+
+import java.util.Optional;
+
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
+
+public class IndividualAccessObject extends NamedAccessObject {
+
+    public IndividualAccessObject(String uri) {
+        super(uri);
+    }
+
+    @Override
+    public AccessObjectType getType() {
+        return AccessObjectType.INDIVIDUAL;
+    }
+
+    public String[] getResourceUris() {
+        Optional<String> optionalUri = getUri();
+        if (optionalUri.isPresent()) {
+            return new String[] { optionalUri.get() };
+        } else {
+            return new String[0];
+        }
+    }
+}
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/NamedAccessObject.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/NamedAccessObject.java
index 8b9f025ac9..f3a3eecfde 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/NamedAccessObject.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/NamedAccessObject.java
@@ -11,21 +11,13 @@
  */
 public class NamedAccessObject extends AccessObject {
     private final String uri;
-    private AccessObjectType type;
 
     public NamedAccessObject() {
         this.uri = "";
-        this.type = AccessObjectType.NAMED_OBJECT;
-    }
-
-    public NamedAccessObject(String uri, AccessObjectType type) {
-        this.uri = uri;
-        this.type = type;
     }
 
     public NamedAccessObject(String uri) {
         this.uri = uri;
-        this.type = AccessObjectType.NAMED_OBJECT;
     }
 
     @Override
@@ -61,7 +53,7 @@ public String toString() {
 
     @Override
     public AccessObjectType getType() {
-        return type;
+        return AccessObjectType.NAMED_OBJECT;
     }
 
     private static String getShortName(String entityUri) {
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/ObjectPropertyStatementAccessObject.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/ObjectPropertyStatementAccessObject.java
index 87db9869a2..33de4b03ba 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/ObjectPropertyStatementAccessObject.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/objects/ObjectPropertyStatementAccessObject.java
@@ -14,7 +14,7 @@ public class ObjectPropertyStatementAccessObject extends AccessObject {
 
     public ObjectPropertyStatementAccessObject(Model ontModel, String subjectUri, Property predicate,
             String objectUri) {
-        setStatementOntModel(ontModel);
+        setModel(ontModel);
         setStatementSubject(subjectUri);
         setStatementPredicate(predicate);
         setStatementObject(objectUri);
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/permissions/SimplePermission.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/permissions/SimplePermission.java
index 3cfbc4a3e1..a86036dd1e 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/permissions/SimplePermission.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/permissions/SimplePermission.java
@@ -75,7 +75,7 @@ public String getUri() {
 
     private SimplePermission(String uri) {
         this.uri = SimplePermission.NS + uri;
-        NamedAccessObject ao = new NamedAccessObject(this.uri, AccessObjectType.NAMED_OBJECT);
+        NamedAccessObject ao = new NamedAccessObject(this.uri);
         this.ACTION = new SimpleAuthorizationRequest(ao, AccessOperation.EXECUTE);
     }
 }
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/EntityPolicyController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/EntityPolicyController.java
index 98145a6f38..4bf7212e03 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/EntityPolicyController.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/EntityPolicyController.java
@@ -4,6 +4,8 @@
 
 import static edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary.AUTH_VOCABULARY_PREFIX;
 
+import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -52,8 +54,9 @@ private static AttributeValueSetRegistry getRegistry() {
         return AttributeValueSetRegistry.getInstance();
     }
 
-    public static void revokeAccess(String entityUri, AccessObjectType aot, AccessOperation ao, String role) {
-        AttributeValueKey key = new AttributeValueKey(ao, aot, role, aot.toString());
+    public static void revokeAccess(String entityUri, AccessObjectType aot, AccessOperation ao, String role,
+            String... namedKeyComponents) {
+        AttributeValueKey key = new AttributeValueKey(ao, aot, role, aot.toString(), namedKeyComponents);
         AttributeValueSet set = getRegistry().get(key);
         if (set != null) {
             if (set.contains(entityUri)) {
@@ -77,8 +80,9 @@ private static void reduceInactiveValueSet(String entityUri, AccessObjectType ao
         getLoader().updateAccessControlModel(removals.toString(), false);
     }
 
-    public static void grantAccess(String entityUri, AccessObjectType aot, AccessOperation ao, String role) {
-        AttributeValueKey key = new AttributeValueKey(ao, aot, role, aot.toString());
+    public static void grantAccess(String entityUri, AccessObjectType aot, AccessOperation ao, String role,
+            String... namedKeyComponents) {
+        AttributeValueKey key = new AttributeValueKey(ao, aot, role, aot.toString(), namedKeyComponents);
         AttributeValueSet set = getRegistry().get(key);
         if (set != null) {
             if (!set.contains(entityUri)) {
@@ -87,14 +91,18 @@ public static void grantAccess(String entityUri, AccessObjectType aot, AccessOpe
                 getLoader().updateAccessControlModel(toAdd, true);
             }
         } else {
-            extendInactiveValueSet(entityUri, aot, ao, role);
-            loadPolicy(aot, ao, role);
+            extendInactiveValueSet(entityUri, aot, ao, role, namedKeyComponents);
+            loadPolicy(aot, ao, role, namedKeyComponents);
         }
     }
 
-    private static void loadPolicy(AccessObjectType aot, AccessOperation ao, String role) {
-        String dataSetUri =
-                getLoader().getDataSetUriByKey(new String[] { }, new String[] { ao.toString(), aot.toString(), role });
+    private static void loadPolicy(AccessObjectType aot, AccessOperation ao, String role,
+            String... namedKeyComponents) {
+        String[] ids = Arrays.copyOf(namedKeyComponents, namedKeyComponents.length + 3);
+        ids[ids.length - 1] = ao.toString();
+        ids[ids.length - 2] = aot.toString();
+        ids[ids.length - 3] = role;
+        String dataSetUri = getLoader().getDataSetUriByKey(ids);
         if (dataSetUri != null) {
             DynamicPolicy policy = getLoader().loadPolicyFromTemplateDataSet(dataSetUri);
             if (policy != null) {
@@ -104,18 +112,19 @@ private static void loadPolicy(AccessObjectType aot, AccessOperation ao, String
     }
 
     private static void extendInactiveValueSet(String entityUri, AccessObjectType aot, AccessOperation ao,
-            String role) {
+            String role, String... namedKeyComponents) {
         StringBuilder additions = new StringBuilder();
-        getDataValueStatements(entityUri, aot, ao, Collections.singleton(role), additions);
+        getDataValueStatements(entityUri, aot, ao, Collections.singleton(role), additions, namedKeyComponents);
         getLoader().updateAccessControlModel(additions.toString(), true);
     }
 
-    public static boolean isGranted(String entityUri, AccessObjectType aot, AccessOperation ao, String role) {
+    public static boolean isGranted(String entityUri, AccessObjectType aot, AccessOperation ao, String role,
+            String... namedKeyComponents) {
         if (StringUtils.isBlank(entityUri)) {
             return false;
         }
         AttributeValueSetRegistry registry = getRegistry();
-        AttributeValueKey key = new AttributeValueKey(ao, aot, role, aot.toString());
+        AttributeValueKey key = new AttributeValueKey(ao, aot, role, aot.toString(), namedKeyComponents);
         AttributeValueSet set = registry.get(key);
         if (set == null) {
             return false;
@@ -138,12 +147,12 @@ public static List<String> getGrantedRoles(String entityUri, AccessOperation ao,
     }
 
     public static void getDataValueStatements(String entityUri, AccessObjectType aot, AccessOperation ao,
-            Set<String> selectedRoles, StringBuilder sb) {
+            Set<String> selectedRoles, StringBuilder sb, String... namedKeyComponents) {
         if (StringUtils.isBlank(entityUri)) {
             return;
         }
         for (String role : selectedRoles) {
-            String valueSetUri = getValueSetUri(aot, ao, role);
+            String valueSetUri = getValueSetUri(aot, ao, role, namedKeyComponents);
             if (valueSetUri == null) {
                 log.debug(String.format("Policy value set wasn't found by key:\n%s\n%s\n%s", ao, aot, role));
                 continue;
@@ -175,13 +184,25 @@ private static boolean isUriInTestDataset(String entityUri, AccessOperation ao,
         return values.contains(entityUri);
     }
 
-    private static String getValueSetUri(AccessObjectType aot, AccessOperation ao, String role) {
-        String key = aot.toString() + "." + ao.toString() + "." + role;
+    private static String getValueSetUri(AccessObjectType aot, AccessOperation ao, String role,
+            String... namedKeyComponents) {
+        String key = generateKey(aot, ao, role, namedKeyComponents);
         if (policyKeyToDataValueMap.containsKey(key)) {
             return policyKeyToDataValueMap.get(key);
         }
-        String uri = getLoader().getEntityValueSetUri(ao, aot, role);
+        String uri = getLoader().getEntityValueSetUri(ao, aot, role, namedKeyComponents);
         policyKeyToDataValueMap.put(key, uri);
         return uri;
     }
+
+    private static String generateKey(AccessObjectType aot, AccessOperation ao, String role,
+            String[] namedKeyComponents) {
+        String key = aot.toString() + "." + ao.toString() + "." + role;
+        if (namedKeyComponents.length > 0) {
+            List<String> namedKeys = new ArrayList<>(Arrays.asList(namedKeyComponents));
+            Collections.sort(namedKeys);
+            key = key + String.join(".", namedKeys);
+        }
+        return key;
+    }
 }
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/InvalidSolutionException.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/InvalidSolutionException.java
new file mode 100644
index 0000000000..0cb3bbecff
--- /dev/null
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/InvalidSolutionException.java
@@ -0,0 +1,9 @@
+package edu.cornell.mannlib.vitro.webapp.auth.policy;
+
+public class InvalidSolutionException extends RuntimeException {
+
+    public InvalidSolutionException(String string) {
+        super(string);
+    }
+
+}
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyDecisionPoint.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyDecisionPoint.java
index 1e317a7a4a..a90dec6b7c 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyDecisionPoint.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyDecisionPoint.java
@@ -40,8 +40,8 @@ public static PolicyDecision decide(AuthorizationRequest ar) {
             }
         }
 
-        pd = new BasicPolicyDecision(DecisionResult.INCONCLUSIVE,
-                "No policy returned a conclusive decision on " + ar.getAccessObject());
+        pd = new BasicPolicyDecision(DecisionResult.INCONCLUSIVE, String.format(
+                "No policy returned a conclusive decision on %s of %s", ar.getAccessOperation(), ar.getAccessObject()));
         logger.logNoDecision(pd);
         return pd;
     }
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyLoader.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyLoader.java
index bc70622e17..90a4fa62ce 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyLoader.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyLoader.java
@@ -7,6 +7,7 @@
 import java.io.InputStream;
 import java.io.StringWriter;
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.LinkedList;
@@ -95,38 +96,51 @@ public class PolicyLoader {
     private static final String NO_DATASET_RULES_QUERY = ""
             + "prefix auth: <http://vitro.mannlib.cornell.edu/ns/vitro/authorization#>\n"
             + "prefix access: <https://vivoweb.org/ontology/vitro-application/auth/vocabulary/>\n"
-            + "SELECT DISTINCT ?policyUri ?rule ?check ?testId ?typeId ?value ?lit_value ?decision_id \n"
+            + "SELECT DISTINCT ?policyUri ?rule ?check ?config ?attributeValue "
+            + "?testId ?typeId ?value ?lit_value ?decision_id \n"
             + "WHERE {\n"
             + "  GRAPH <http://vitro.mannlib.cornell.edu/default/access-control> {\n"
-            + "?policy a access:Policy .\n"
-            + "?policy access:hasRule ?rule . \n"
-            + "?rule access:requiresCheck ?check .\n"
-            + "OPTIONAL {\n"
-            + "  ?check access:useOperator ?checkTest .\n"
-            + "  OPTIONAL {\n"
-            + "    ?checkTest access:id ?testId . \n"
-            + "  }\n"
-            + "}"
-            + "OPTIONAL {\n"
-            + "  ?check access:hasTypeToCheck ?checkType . \n"
-            + "  OPTIONAL {\n"
-            + "    ?checkType access:id ?typeId . \n"
-            + "  }\n"
-            + "}\n"
-            + "OPTIONAL {\n"
-            + "   ?rule access:hasDecision ?decision . \n"
-            + "   ?decision access:id ?decision_id . \n"
-            + "}\n"
-            + "?check access:value ?value . \n"
-            + "OPTIONAL {?value access:id ?lit_value . }\n"
+            + "    ?policy a access:Policy .\n"
+            + "    ?policy access:hasRule ?rule . \n"
+            + "    ?rule access:requiresCheck ?check .\n"
+            + "    OPTIONAL {\n"
+            + "      ?check access:useOperator ?checkTest .\n"
+            + "      OPTIONAL {\n"
+            + "        ?checkTest access:id ?testId . \n"
+            + "      }\n"
+            + "    }\n"
+            + "    OPTIONAL {\n"
+            + "      ?check access:hasTypeToCheck ?checkType . \n"
+            + "      OPTIONAL {\n"
+            + "        ?checkType access:id ?typeId . \n"
+            + "      }\n"
+            + "    }\n"
+            + "    OPTIONAL {\n"
+            + "      ?check access:useConfiguration ?configUri . \n"
+            + "      ?configUri access:id ?config . \n"
+            + "    }\n"
+            + "    OPTIONAL {\n"
+            + "      ?rule access:hasDecision ?decision . \n"
+            + "      ?decision access:id ?decision_id . \n"
+            + "    }\n"
+            + "    {\n"
+            + "      ?check access:values ?attributeValue .\n"
+            + "      ?attributeValue access:value ?value .\n"
+            + "      OPTIONAL { ?value access:id ?lit_value . }\n"
+            + "    }\n"
+            + "      UNION \n"
+            + "    {\n"
+            + "      ?check access:value ?value .\n"
+            + "      OPTIONAL {?value access:id ?lit_value . }\n"
+            + "    }\n"
+            + "    BIND(?policy as ?policyUri)\n"
             + "  }\n"
-            + "BIND(?policy as ?policyUri)\n"
             + "} ORDER BY ?rule ?check";
 
     private static final String DATASET_RULES_QUERY = ""
             + "prefix auth: <http://vitro.mannlib.cornell.edu/ns/vitro/authorization#>\n"
             + "prefix access: <https://vivoweb.org/ontology/vitro-application/auth/vocabulary/>\n"
-            + "SELECT DISTINCT ?policyUri ?rule ?check ?testId ?typeId ?value ?lit_value ?decision_id "
+            + "SELECT DISTINCT ?policyUri ?rule ?check ?config ?testId ?typeId ?value ?lit_value ?decision_id "
             + " ?dataSetUri ?attributeValue ?setElementsType \n"
             + "WHERE {\n"
             + "  GRAPH <http://vitro.mannlib.cornell.edu/default/access-control> {\n"
@@ -148,6 +162,10 @@ public class PolicyLoader {
             + "      }\n"
             + "    }\n"
             + "    OPTIONAL {\n"
+            + "      ?check access:useConfiguration ?configUri . \n"
+            + "      ?configUri access:id ?config . \n"
+            + "    }\n"
+            + "    OPTIONAL {\n"
             + "      ?rule access:hasDecision ?decision .\n"
             + "      ?decision access:id ?decision_id .\n"
             + "    }\n"
@@ -262,6 +280,10 @@ public class PolicyLoader {
             + "      ?keyComponent a access:SubjectRoleUri .\n"
             + "      BIND('SUBJECT_ROLE_URI' as ?type)\n"
             + "    }\n"
+            + "    OPTIONAL {\n"
+            + "      ?keyComponent a access:NamedKeyComponent .\n"
+            + "      BIND('NAMED_KEY_COMPONENT' as ?type)\n"
+            + "    }\n"
             + "  }\n"
             + "}\n";
 
@@ -443,8 +465,7 @@ protected void processQuerySolution(QuerySolution qs) {
     public Set<String> getDataSetValues(AccessOperation ao, AccessObjectType aot, String role) {
         Set<String> values = new HashSet<>();
         long expectedSize = 3;
-        String queryText = getDataSetByKeyQuery(new String[] {},
-                new String[] { ao.toString(), aot.toString(), role });
+        String queryText = getDataSetByKeyQuery(ao.toString(), aot.toString(), role);
         ParameterizedSparqlString pss = new ParameterizedSparqlString(queryText);
         pss.setLiteral("setElementsId", aot.toString());
         queryText = pss.toString();
@@ -478,9 +499,14 @@ protected void processQuerySolution(QuerySolution qs) {
         return values;
     }
 
-    public String getEntityValueSetUri(AccessOperation ao, AccessObjectType aot, String role) {
-        long expectedSize = 3;
-        String queryText = getDataSetByKeyQuery(new String[] { }, new String[] { ao.toString(), aot.toString(), role });
+    public String getEntityValueSetUri(AccessOperation ao, AccessObjectType aot, String role,
+            String... namedKeyComponents) {
+        int expectedSize = 3 + namedKeyComponents.length;
+        String[] ids = Arrays.copyOf(namedKeyComponents, expectedSize);
+        ids[ids.length - 1] = ao.toString();
+        ids[ids.length - 2] = aot.toString();
+        ids[ids.length - 3] = role;
+        String queryText = getDataSetByKeyQuery(ids);
         ParameterizedSparqlString pss = new ParameterizedSparqlString(queryText);
         pss.setLiteral("setElementsId", aot.toString());
         queryText = pss.toString();
@@ -496,7 +522,7 @@ protected void processQuerySolution(QuerySolution qs) {
                     }
                     long keySize = qs.getLiteral("keySize").getLong();
                     if (expectedSize != keySize) {
-                        log.error("wrong key size. Expected " + expectedSize + ". Actual " + keySize );
+                        debug("wrong key size. Expected " + expectedSize + ". Actual " + keySize );
                         return;
                     }
                     uri[0] = qs.getResource("valueSet").getURI();
@@ -579,11 +605,8 @@ private static String getPolicyDataSetValueStatementByKeyQuery(String entityUri,
         return query.toString();
     }
 
-    private static String getDataSetByKeyQuery(String[] uris, String[] ids) {
+    private static String getDataSetByKeyQuery(String... ids) {
         StringBuilder query = new StringBuilder(policyKeyTemplatePrefix);
-        for (String uri : uris) {
-            query.append(String.format("  ?dataSetKeyUri access:hasKeyComponent <%s> . \n", uri));
-        }
         int i = 0;
         for (String id : ids) {
             query.append(String.format(
@@ -626,9 +649,7 @@ private void loadRulesWithoutDataSet(String policyUri, Map<String, AccessRule> r
                 @Override
                 protected void processQuerySolution(QuerySolution qs) {
                     try {
-                        if (isInvalidPolicySolution(qs)) {
-                            throw new Exception();
-                        }
+                        isInvalidPolicySolution(qs);
                         if (isRuleContinues(rules, qs)) {
                             String ruleUri = qs.getResource("rule").getURI();
                             populateRule(rules.get(ruleUri), qs, null);
@@ -666,9 +687,7 @@ private void loadRulesForDataSet(Map<String, AccessRule> rules, String dataSetUr
                 @Override
                 protected void processQuerySolution(QuerySolution qs) {
                     try {
-                        if (isInvalidPolicySolution(qs)) {
-                            throw new Exception();
-                        }
+                        isInvalidPolicySolution(qs);
                         if (isRuleContinues(rules, qs)) {
                             String ruleUri = qs.getResource("rule").getURI();
                             populateRule(rules.get(ruleUri), qs, dataSetKey);
@@ -748,36 +767,33 @@ private static void populateRule(AccessRule ar, QuerySolution qs, AttributeValue
         }
     }
 
-    private static boolean isInvalidPolicySolution(QuerySolution qs) {
+    private static void isInvalidPolicySolution(QuerySolution qs) {
         if (!qs.contains("policyUri") || !qs.get("policyUri").isResource()) {
-            log.debug("Query solution doesn't contain policy uri");
-            return true;
+            throw new InvalidSolutionException("Query solution doesn't contain policy uri");
         }
         String policy = qs.get("policyUri").asResource().getURI();
         if (!qs.contains("rule") || !qs.get("rule").isResource()) {
-            log.debug(String.format("Query solution for policy <%s> doesn't contain rule uri", policy));
-            return true;
+            throw new InvalidSolutionException(
+                    String.format("Query solution for policy <%s> doesn't contain rule uri", policy));
         }
         String rule = qs.get("rule").asResource().getLocalName();
         if (!qs.contains("check") || !qs.get("check").isResource()) {
-            log.debug(String.format("Query solution for policy <%s> doesn't contain check uri", policy));
-            return true;
+            throw new InvalidSolutionException(
+                    String.format("Query solution for policy <%s> doesn't contain check uri", policy));
         }
         String check = qs.get("check").asResource().getLocalName();
         if (!qs.contains("value")) {
-            log.debug(String.format("Query solution for policy <%s> rule %s check %s doesn't contain value", policy,
-                    rule, check));
-            return true;
+            throw new InvalidSolutionException(String.format(
+                    "Query solution for policy <%s> rule %s check %s doesn't contain value", policy, rule, check));
         }
         if (!qs.contains("typeId") || !qs.get("typeId").isLiteral()) {
-            log.debug(String.format("Query solution for policy <%s> doesn't contain check type id", policy));
-            return true;
+            throw new InvalidSolutionException(
+                    String.format("Query solution for policy <%s> doesn't contain check type id", policy));
         }
         if (!qs.contains("testId") || !qs.get("testId").isLiteral()) {
-            log.debug(String.format("Query solution for policy <%s> doesn't contain check test id", policy));
-            return true;
+            throw new InvalidSolutionException(
+                    String.format("Query solution for policy <%s> doesn't contain check test id", policy));
         }
-        return false;
     }
 
     private static void debug(String template, Object... objects) {
@@ -801,9 +817,9 @@ private ChangeSet makeChangeSet() {
         return cs;
     }
 
-    public String getDataSetUriByKey(String[] uris, String[] ids) {
-        long expectedSize = uris.length + ids.length;
-        final String queryText = getDataSetByKeyQuery(uris, ids);
+    public String getDataSetUriByKey(String... ids) {
+        long expectedSize = ids.length;
+        final String queryText = getDataSetByKeyQuery(ids);
         debug("SPARQL Query to get policy data set values:\n %s", queryText);
         String[] uri = new String[1];
         try {
@@ -851,6 +867,9 @@ protected void processQuerySolution(QuerySolution qs) {
                             if (Attribute.SUBJECT_ROLE_URI.toString().equals(type)) {
                                 compositeKey.setRole(id);
                             }
+                            if ("NAMED_KEY_COMPONENT".equals(type)) {
+                                compositeKey.addNamedKey(id);
+                            }
                         }
                     } else {
                         //assume keyComponent is a role
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/DatapropRetryController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/DatapropRetryController.java
index 7153ddaf9f..ef8bd4c53b 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/DatapropRetryController.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/DatapropRetryController.java
@@ -35,6 +35,7 @@
 import edu.cornell.mannlib.vitro.webapp.dao.DatatypeDao;
 import edu.cornell.mannlib.vitro.webapp.dao.OntologyDao;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
+import edu.cornell.mannlib.vitro.webapp.i18n.I18n;
 import edu.cornell.mannlib.vitro.webapp.modelaccess.ModelAccess;
 
 
@@ -182,8 +183,9 @@ public void doPost (HttpServletRequest request, HttpServletResponse response) {
         request.setAttribute("title","Data Property Editing Form");
         request.setAttribute("_action",action);
         request.setAttribute("unqualifiedClassName","DatatypeProperty");
-
+        request.setAttribute("i18n", I18n.bundle(vreq));
         addAccessAttributes(request, objectForEditing.getURI(), AccessObjectType.DATA_PROPERTY);
+        addNotRelatedPropertySuppressions(request, objectForEditing.getURI(), AccessObjectType.DATA_PROPERTY);
         setRequestAttributes(request,epo);
 
         try {
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/EntityRetryController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/EntityRetryController.java
index 926545550d..9bbcf58e92 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/EntityRetryController.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/EntityRetryController.java
@@ -37,6 +37,7 @@
 import edu.cornell.mannlib.vedit.forwarder.impl.UrlForwarder;
 import edu.cornell.mannlib.vedit.util.FormUtils;
 import edu.cornell.mannlib.vedit.validator.impl.RequiredFieldValidator;
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
 import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
 import edu.cornell.mannlib.vitro.webapp.beans.ApplicationBean;
 import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
@@ -53,6 +54,7 @@
 import edu.cornell.mannlib.vitro.webapp.dao.VClassGroupDao;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
 import edu.cornell.mannlib.vitro.webapp.edit.listener.impl.IndividualDataPropertyStatementProcessor;
+import edu.cornell.mannlib.vitro.webapp.i18n.I18n;
 
 @WebServlet(name = "EntityRetryController", urlPatterns = {"/entity_retry"} )
 public class EntityRetryController extends BaseEditController {
@@ -297,6 +299,9 @@ public void doPost (HttpServletRequest request, HttpServletResponse response) {
         // request.setAttribute("bodyAttr"," onLoad=\"monikerInit()\"");
         request.setAttribute("_action",action);
         request.setAttribute("unqualifiedClassName","Individual");
+        addUriSuppressions(request, individualForEditing.getURI(), AccessObjectType.INDIVIDUAL);
+        request.setAttribute("i18n", I18n.bundle(vreq));
+
         setRequestAttributes(request,epo);
         try {
             JSPPageHandler.renderBasicPage(request, response, "/templates/edit/formBasic.jsp");
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/FauxPropertyRetryController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/FauxPropertyRetryController.java
index 00dd403109..4035ff210a 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/FauxPropertyRetryController.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/FauxPropertyRetryController.java
@@ -43,6 +43,7 @@
 import edu.cornell.mannlib.vitro.webapp.dao.FauxPropertyDao;
 import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
+import edu.cornell.mannlib.vitro.webapp.i18n.I18n;
 import edu.cornell.mannlib.vitro.webapp.modelaccess.ModelAccess;
 
 /**
@@ -81,6 +82,8 @@ public void doPost(HttpServletRequest req, HttpServletResponse response) {
 		req.setAttribute("_faux_property_type", aot);
 
 		addAccessAttributes(req, populator.beanForEditing.getConfigUri(), aot);
+		addNotRelatedPropertySuppressions(req, populator.beanForEditing.getConfigUri(), aot);
+		req.setAttribute("i18n", I18n.bundle(req));
 
 		setRequestAttributes(req, epo);
 
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/PropertyRetryController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/PropertyRetryController.java
index a269a9c5f9..e09f06da60 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/PropertyRetryController.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/PropertyRetryController.java
@@ -34,6 +34,7 @@
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
 import edu.cornell.mannlib.vitro.webapp.dao.OntologyDao;
+import edu.cornell.mannlib.vitro.webapp.i18n.I18n;
 import edu.cornell.mannlib.vitro.webapp.modelaccess.ModelAccess;
 
 public class PropertyRetryController extends BaseEditController {
@@ -182,8 +183,11 @@ public void doPost (HttpServletRequest req, HttpServletResponse response) {
         request.setAttribute("scripts","/templates/edit/formBasic.js");
         request.setAttribute("title","Property Editing Form");
         request.setAttribute("_action",action);
+        request.setAttribute("i18n", I18n.bundle(request));
 
         addAccessAttributes(request, propertyForEditing.getURI(), AccessObjectType.OBJECT_PROPERTY);
+        addNotRelatedPropertySuppressions(request, propertyForEditing.getURI(), AccessObjectType.OBJECT_PROPERTY);
+
         setRequestAttributes(request,epo);
 
         try {
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/VclassRetryController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/VclassRetryController.java
index 0ba8117966..0952bda7a7 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/VclassRetryController.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/edit/VclassRetryController.java
@@ -35,6 +35,7 @@
 import edu.cornell.mannlib.vitro.webapp.dao.VClassDao;
 import edu.cornell.mannlib.vitro.webapp.dao.VClassGroupDao;
 import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
+import edu.cornell.mannlib.vitro.webapp.i18n.I18n;
 import edu.cornell.mannlib.vitro.webapp.modelaccess.ModelAccess;
 
 @WebServlet(name = "VclassRetryController", urlPatterns = {"/vclass_retry"} )
@@ -161,8 +162,12 @@ public void doPost (HttpServletRequest req, HttpServletResponse response) {
         request.setAttribute("title","Class Editing Form");
         request.setAttribute("_action",action);
         request.setAttribute("unqualifiedClassName","VClass");
+        request.setAttribute("i18n", I18n.bundle(request));
 
         addAccessAttributes(request, vclassForEditing.getURI(), AccessObjectType.CLASS);
+        addTypeSuppressions(request, vclassForEditing.getURI(), AccessObjectType.INDIVIDUAL);
+        addNotRelatedTypeSuppressions(request, vclassForEditing.getURI(), AccessObjectType.INDIVIDUAL);
+
         setRequestAttributes(request,epo);
 
         try {
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerHttpServlet.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerHttpServlet.java
index cd19d42232..13b3c56758 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerHttpServlet.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/freemarker/FreemarkerHttpServlet.java
@@ -20,9 +20,7 @@
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import edu.cornell.mannlib.vitro.webapp.auth.checks.ProximityChecker;
 import edu.cornell.mannlib.vitro.webapp.auth.checks.QueryResultsMapCache;
-import edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject;
 import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
@@ -101,7 +99,7 @@ public void doGet( HttpServletRequest request, HttpServletResponse response )
         VitroRequest vreq = new VitroRequest(request);
         ResponseValues responseValues = null;
 
-    	try(QueryResultsMapCache personResourceCache = new QueryResultsMapCache()) {
+    	try(QueryResultsMapCache sparqlQueryCache = new QueryResultsMapCache()) {
 
             // This method does a redirect if the required authorizations are not met, so just return.
             if (!isAuthorizedToDisplayPage(request, response, requiredActions(vreq))) {
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/freemarker/PageController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/freemarker/PageController.java
index a5e2a99829..f27c07aa90 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/freemarker/PageController.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/freemarker/PageController.java
@@ -73,7 +73,7 @@ private AuthorizationRequest getActionsForPage( VitroRequest vreq ) throws Excep
             if (StringUtils.isBlank(uri)) {
                 continue;
             }
-            NamedAccessObject ao = new NamedAccessObject(uri, AccessObjectType.NAMED_OBJECT);
+            NamedAccessObject ao = new NamedAccessObject(uri);
             auth = auth.and( new SimpleAuthorizationRequest(ao, AccessOperation.EXECUTE));
         }
         return auth;
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/individual/IndividualController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/individual/IndividualController.java
index b8d9745b93..00cd6837c6 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/individual/IndividualController.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/controller/individual/IndividualController.java
@@ -14,7 +14,11 @@
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.IndividualAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.SimpleAuthorizationRequest;
 import edu.cornell.mannlib.vitro.webapp.config.ConfigurationProperties;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
@@ -22,6 +26,7 @@
 import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.RedirectResponseValues;
 import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.ResponseValues;
 import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.TemplateResponseValues;
+import edu.cornell.mannlib.vitro.webapp.controller.individual.IndividualRequestInfo.Type;
 import edu.cornell.mannlib.vitro.webapp.i18n.I18n;
 
 /**
@@ -113,6 +118,26 @@ protected ResponseValues processRequest(VitroRequest vreq) {
 			return new ExceptionResponseValues(e);
 		}
 	}
+	
+    @Override
+    public AuthorizationRequest requiredActions(VitroRequest vreq) {
+        try {
+            IndividualRequestInfo requestInfo = analyzeTheRequest(vreq);
+            switch (requestInfo.getType()) {
+                case RDF_REDIRECT:
+                case NO_INDIVIDUAL:
+                case BYTESTREAM_REDIRECT:
+                    return AuthorizationRequest.AUTHORIZED;
+                default:
+                    AccessObject ao = new IndividualAccessObject(requestInfo.getIndividual().getURI());
+                    ao.setModel(vreq.getJenaOntModel());
+                    AuthorizationRequest request = new SimpleAuthorizationRequest(ao, AccessOperation.DISPLAY);
+                    return request;
+            }
+        } catch (Throwable e) {
+            return AuthorizationRequest.UNAUTHORIZED;
+        }
+    }
 
 	private IndividualRequestInfo analyzeTheRequest(VitroRequest vreq) {
 		return new IndividualRequestAnalyzer(vreq,
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java
index 964726abcb..925d76364f 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dao/DisplayVocabulary.java
@@ -126,6 +126,14 @@ public class DisplayVocabulary {
     public static final String SAVE_TO_VAR = DISPLAY_NS + "saveToVar" ;
     public static final String QUERY_MODEL = DISPLAY_NS + "queryModel";
     public static final String QUERY = DISPLAY_NS + "query";
+    public static final String DISPLAY_URI_PARAM = DISPLAY_NS + "uri";
+    public static final String DISPLAY_STRING_PARAM = DISPLAY_NS + "string";
+    public static final String DISPLAY_INT_PARAM = DISPLAY_NS + "int";
+    public static final String DISPLAY_LONG_PARAM = DISPLAY_NS + "long";
+    public static final String DISPLAY_FLOAT_PARAM = DISPLAY_NS + "float";
+    public static final String DISPLAY_DOUBLE_PARAM = DISPLAY_NS + "double";
+    public static final String DISPLAY_BOOLEAN_PARAM = DISPLAY_NS + "boolean";
+
 
     /* URI of property for Fixed HTML Generator */
     public static final String FIXED_HTML_VALUE = DISPLAY_NS + "htmlValue";
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dao/filtering/filters/HideFromDisplayByPolicyFilter.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dao/filtering/filters/HideFromDisplayByPolicyFilter.java
index 449919a48e..d0ffe6ca31 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dao/filtering/filters/HideFromDisplayByPolicyFilter.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/dao/filtering/filters/HideFromDisplayByPolicyFilter.java
@@ -21,6 +21,7 @@
 import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
 import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
 import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
+import edu.cornell.mannlib.vitro.webapp.modelaccess.ModelAccess;
 
 /**
  * Ask the current policies whether we can show these things to the user.
@@ -80,7 +81,7 @@ public Boolean fn(ObjectPropertyStatement ops) {
 			ObjectProperty predicate = getOrCreateProperty(ops);
 			String objectUri = ops.getObjectURI();
 			return checkAuthorization(new ObjectPropertyStatementAccessObject(
-					null, subjectUri, predicate, objectUri));
+					ModelAccess.getInstance().getOntModel(), subjectUri, predicate, objectUri));
 		}
 
 		/**
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/freemarker/config/FreemarkerConfiguration.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/freemarker/config/FreemarkerConfiguration.java
index 719b041ab9..f32b349154 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/freemarker/config/FreemarkerConfiguration.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/freemarker/config/FreemarkerConfiguration.java
@@ -28,6 +28,7 @@
 import edu.cornell.mannlib.vitro.webapp.startup.StartupStatus;
 import edu.cornell.mannlib.vitro.webapp.utils.developer.DeveloperSettings;
 import edu.cornell.mannlib.vitro.webapp.utils.developer.Key;
+import edu.cornell.mannlib.vitro.webapp.web.directives.DataGetterDirective;
 import edu.cornell.mannlib.vitro.webapp.web.directives.IndividualShortViewDirective;
 import edu.cornell.mannlib.vitro.webapp.web.directives.UrlDirective;
 import edu.cornell.mannlib.vitro.webapp.web.directives.WidgetDirective;
@@ -263,6 +264,7 @@ private void addDirectives(FreemarkerConfigurationImpl c) {
 			c.setSharedVariable("shortView", new IndividualShortViewDirective());
 			c.setSharedVariable("url", new UrlDirective());
 			c.setSharedVariable("widget", new WidgetDirective());
+			c.setSharedVariable("dataGetter", new DataGetterDirective());
 		}
 
 		private void addMethods(FreemarkerConfigurationImpl c) {
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/search/controller/PagedSearchController.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/search/controller/PagedSearchController.java
index 310adef055..fb60822009 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/search/controller/PagedSearchController.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/search/controller/PagedSearchController.java
@@ -462,11 +462,28 @@ private void addDefaultVitroFacets(VitroRequest vreq, SearchQuery query) {
 
     private void addSortRules(VitroRequest vreq, SearchQuery query, Map<String, SortConfiguration> sortOptions) {
         String sortType = getSortType(vreq);
+        if (sortOptions.isEmpty()) {
+            return;
+        }
         if (!StringUtils.isBlank(sortType) && sortOptions.containsKey(sortType)) {
             SortConfiguration conf = sortOptions.get(sortType);
-            query.addSortField(conf.getField(vreq.getLocale()), conf.getSortOrder());
+            String field = conf.getField(vreq.getLocale());
+            if (!StringUtils.isBlank(field)) {
+                query.addSortField(field, conf.getSortOrder());
+            }
             conf.setSelected(true);
+            return;
+        }
+        boolean textQueryIsEmpty = StringUtils.isBlank(getQueryText(vreq));
+        // If text field is empty, apply the first sort option
+        if (textQueryIsEmpty) {
+            SortConfiguration conf = sortOptions.entrySet().iterator().next().getValue();
+            String field = conf.getField(vreq.getLocale());
+            if (!StringUtils.isBlank(field)) {
+                query.addSortField(field, conf.getSortOrder());
+            }
         }
+        // If text field is not empty, sort by relevance (no need to add sort field)
     }
 
     private String getSortType(VitroRequest vreq) {
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/search/controller/SearchFiltering.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/search/controller/SearchFiltering.java
index 6d4352aaa2..f3894c9203 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/search/controller/SearchFiltering.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/search/controller/SearchFiltering.java
@@ -127,12 +127,16 @@ public class SearchFiltering {
             + "WHERE {\n"
             + "    ?sort rdf:type search:Sort . \n"
             + "    ?sort rdfs:label ?sort_label .\n"
-            + "    ?sort search:sortField ?field .\n"
-            + "    ?sort search:id ?id .\n"
-            + "    ?field search:indexField ?searchField  .\n"
             + "    OPTIONAL {\n"
-            + "        ?field search:isLanguageSpecific ?f_multilingual  .\n"
-            + "        BIND(?f_multilingual as ?bind_multilingual) .\n"
+            + "        ?sort search:sortField ?field .\n"
+            + "        ?field search:indexField ?searchField  .\n"
+            + "        OPTIONAL {\n"
+            + "            ?field search:isLanguageSpecific ?f_multilingual  .\n"
+            + "            BIND(?f_multilingual as ?bind_multilingual) .\n"
+            + "        }\n"
+            + "    }\n"
+            + "    OPTIONAL {\n"
+            + "        ?sort search:id ?id .\n"
             + "    }\n"
             + "    OPTIONAL {\n"
             + "        ?sort search:isAscending ?f_ord  .\n"
@@ -348,12 +352,13 @@ public static Map<String, SortConfiguration> getSortConfigurations(VitroRequest
             ResultSet results = qexec.execSelect();
             while (results.hasNext()) {
                 QuerySolution solution = results.nextSolution();
-                if (solution.get("label") == null || solution.get("id") == null
-                        || solution.get("searchField") == null) {
+                RDFNode searchFieldNode = solution.get("searchField");
+                RDFNode idNode = solution.get("id");
+                if (solution.get("label") == null) {
                     continue;
                 }
-                String field = solution.get("searchField").toString();
-                String id = solution.get("id").toString();
+                String field = searchFieldNode == null ? "" : searchFieldNode.toString();
+                String id = idNode == null ? "" : idNode.toString();
                 String label = solution.get("label").toString();
 
                 SortConfiguration config = null;
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/DataGetterBase.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/DataGetterBase.java
index e8bb0b876c..dd5a884355 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/DataGetterBase.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/DataGetterBase.java
@@ -3,8 +3,6 @@
 
 import static edu.cornell.mannlib.vitro.webapp.modelaccess.ModelNames.DISPLAY;
 
-import javax.servlet.ServletContext;
-
 import org.apache.commons.lang3.StringUtils;
 
 import org.apache.jena.rdf.model.Model;
@@ -18,7 +16,7 @@ public abstract class DataGetterBase implements DataGetter {
     /**
      * Get the model to use based on a model URI.
      */
-    protected Model getModel(ServletContext context, VitroRequest vreq , String modelName) {
+    protected Model getModel(VitroRequest vreq , String modelName) {
         //if not set use jenaOntModel from the request
         if( StringUtils.isEmpty(modelName) ){
             return vreq.getJenaOntModel();
@@ -27,16 +25,13 @@ protected Model getModel(ServletContext context, VitroRequest vreq , String mode
         }else if( REQUEST_JENA_ONT_MODEL.equals(modelName)){
             return vreq.getJenaOntModel();
         }else if( CONTEXT_DISPLAY_MODEL.equals(modelName)){
-        	return ModelAccess.on(context).getOntModel(DISPLAY);
-        }else if( ! StringUtils.isEmpty( modelName)){
+        	return ModelAccess.getInstance().getOntModel(DISPLAY);
+        }else{
             Model model = JenaIngestController.getModel( modelName, vreq);
             if( model == null )
                 throw new IllegalAccessError("Cannot get model <" + modelName +"> for DataGetter.");
             else
                 return model;
-        }else{
-            //default is just the JeanOntModel from the vreq.
-            return vreq.getJenaOntModel();
         }
     }
 
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/SparqlQueryDataGetter.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/SparqlQueryDataGetter.java
index e5c0577782..3807d8809d 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/SparqlQueryDataGetter.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/SparqlQueryDataGetter.java
@@ -4,15 +4,16 @@
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
-import javax.servlet.ServletContext;
-
+import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-
+import org.apache.jena.query.ParameterizedSparqlString;
 import org.apache.jena.query.Query;
 import org.apache.jena.query.QueryExecution;
 import org.apache.jena.query.QueryExecutionFactory;
@@ -37,6 +38,13 @@ public class SparqlQueryDataGetter extends DataGetterBase implements DataGetter{
     private static final String queryPropertyURI = "<" + DisplayVocabulary.QUERY + ">";
     private static final String saveToVarPropertyURI= "<" + DisplayVocabulary.SAVE_TO_VAR+ ">";
     private static final String queryModelPropertyURI= "<" + DisplayVocabulary.QUERY_MODEL+ ">";
+    private static final String uriParam = "<" + DisplayVocabulary.DISPLAY_URI_PARAM + ">";
+    private static final String stringParam = "<" + DisplayVocabulary.DISPLAY_STRING_PARAM + ">";
+    private static final String intParam = "<" + DisplayVocabulary.DISPLAY_INT_PARAM + ">";
+    private static final String longParam = "<" + DisplayVocabulary.DISPLAY_LONG_PARAM + ">";
+    private static final String floatParam = "<" + DisplayVocabulary.DISPLAY_FLOAT_PARAM + ">";
+    private static final String doubleParam = "<" + DisplayVocabulary.DISPLAY_DOUBLE_PARAM + ">";
+    private static final String booleanParam = "<" + DisplayVocabulary.DISPLAY_BOOLEAN_PARAM + ">";
 
     public static final String defaultVarNameForResults = "results";
     private static final String defaultTemplate = "menupage--defaultSparql.ftl";
@@ -45,8 +53,15 @@ public class SparqlQueryDataGetter extends DataGetterBase implements DataGetter{
     String queryText;
     String saveToVar;
     String modelURI;
+    Set<String> uriParams = new HashSet<String>();
+    Set<String> stringParams = new HashSet<String>();
+    Set<String> intParams = new HashSet<String>();
+    Set<String> longParams = new HashSet<String>();
+    Set<String> floatParams = new HashSet<String>();
+    Set<String> doubleParams = new HashSet<String>();
+    Set<String> booleanParams = new HashSet<String>();
+
     VitroRequest vreq;
-    ServletContext context;
 
     /**
      * Constructor with display model and data getter URI that will be called by reflection.
@@ -68,7 +83,6 @@ protected void configure(VitroRequest vreq, Model displayModel, String dataGette
             throw new IllegalArgumentException("PageUri may not be null.");
 
         this.vreq = vreq;
-        this.context = vreq.getSession().getServletContext();
         this.dataGetterURI = dataGetterURI;
 
         QuerySolutionMap initBindings = new QuerySolutionMap();
@@ -108,23 +122,49 @@ protected void configure(VitroRequest vreq, Model displayModel, String dataGette
                     }else{
                         this.saveToVar = defaultVarNameForResults;
                     }
+                    
+                    addTypedParameter("uriParam", uriParams, soln);
+                    addTypedParameter("stringParam", stringParams, soln);
+                    addTypedParameter("intParam", intParams, soln);
+                    addTypedParameter("longParam", longParams, soln);
+                    addTypedParameter("floatParam", floatParams, soln);
+                    addTypedParameter("doubleParam", doubleParams, soln);
+                    addTypedParameter("booleanParam", booleanParams, soln);
                 }
             }finally{ qexec.close(); }
         }finally{ displayModel.leaveCriticalSection(); }
     }
 
+    private void addTypedParameter(String name, Set<String> set, QuerySolution soln) {
+        RDFNode uriNode = soln.get(name);
+        if (uriNode != null && uriNode.isLiteral()) {
+            String uriParam = uriNode.asLiteral().getLexicalForm();
+            if (!StringUtils.isBlank(uriParam)) {
+                set.add(uriParam);
+            }
+        }
+    }
+
     /**
      * Query to get the definition of the SparqlDataGetter for a given URI.
      */
     private static final String dataGetterQuery =
         "PREFIX display: <" + DisplayVocabulary.DISPLAY_NS +"> \n" +
-        "SELECT ?query ?saveToVar ?queryModel WHERE { \n" +
-        "  ?dataGetterURI "+queryPropertyURI+" ?query . \n" +
-        "  OPTIONAL{ ?dataGetterURI "+saveToVarPropertyURI+" ?saveToVar } \n " +
-        "  OPTIONAL{ ?dataGetterURI "+queryModelPropertyURI+" ?queryModel } \n" +
+        "SELECT ?query ?saveToVar ?queryModel ?uriParam ?stringParam "
+        + "?intParam ?longParam ?floatParam ?doubleParam ?booleanParam \n" +
+        "WHERE { \n" +
+        "  ?dataGetterURI " + queryPropertyURI + " ?query . \n" +
+        "  OPTIONAL{ ?dataGetterURI " + saveToVarPropertyURI + " ?saveToVar } \n " +
+        "  OPTIONAL{ ?dataGetterURI " + queryModelPropertyURI + " ?queryModel } \n" +
+        "  OPTIONAL{ ?dataGetterURI " + uriParam + " ?uriParam } \n" +
+        "  OPTIONAL{ ?dataGetterURI " + stringParam + " ?stringParam } \n" +
+        "  OPTIONAL{ ?dataGetterURI " + intParam + " ?intParam } \n" +
+        "  OPTIONAL{ ?dataGetterURI " + longParam + " ?longParam } \n" +
+        "  OPTIONAL{ ?dataGetterURI " + floatParam + " ?floatParam } \n" +
+        "  OPTIONAL{ ?dataGetterURI " + doubleParam + " ?doubleParam } \n" +
+        "  OPTIONAL{ ?dataGetterURI " + booleanParam + " ?booleanParam } \n" +
         "}";
 
-
     @Override
     public Map<String, Object> getData(Map<String, Object> pageData) {
     	Map<String, String> merged = mergeParameters(vreq.getParameterMap(), pageData);
@@ -132,7 +172,8 @@ public Map<String, Object> getData(Map<String, Object> pageData) {
     	String boundQueryText = bindParameters(queryText, merged);
 
     	if (modelURI != null) {
-    		return doQueryOnModel(boundQueryText, getModel(context, vreq, modelURI));
+    		Model modelByUri = getModel(vreq, modelURI);
+            return doQueryOnModel(boundQueryText, modelByUri);
     	} else {
     		return doQueryOnRDFService(boundQueryText);
     	}
@@ -159,32 +200,70 @@ private Map<String, String> mergeParameters(
 	 * InitialBindings don't always work, and besides, RDFService doesn't accept
 	 * them. So do a text-based substitution.
 	 *
-	 * This assumes that every parameter is a URI. What if we want to substitute
-	 * a string value?
+	 * This assumes that every parameter is a URI unless data getter has specified
+	 * parameters. 
 	 */
-	private String bindParameters(String text, Map<String, String> merged) {
-		String bound = text;
-		for (String key : merged.keySet()) {
-			String value = merged.get(key);
-			if (value.startsWith("http://") || value.startsWith("https://")) {
-				/*
-				 * UQAM-Optimization if the "value" looks like an URI then wrap the value with the characters '<' '>'
-				 *
-				 */
-				bound = bound.replaceAll("([?$]" + key + ")([^a-zA-Z0-9_\\-])", "<" + value + ">$2");
-			} else {
-				bound = bound.replaceAll("([?$]" + key + ")([^a-zA-Z0-9_\\-])", value + "$2");
-			}
-		}
-		if (log.isDebugEnabled()) {
-			log.debug("parameters: " + merged);
-			log.debug("query before binding parameters:" + text);
-			log.debug("query after binding parameters: " + bound);
-		}
-		return bound;
-	}
+    private String bindParameters(String text, Map<String, String> parameters) {
+        ParameterizedSparqlString queryText = new ParameterizedSparqlString(text);
+        if (!isLegacyMode()) {
+            substitute(parameters, uriParams, queryText, 
+                    (pss, key, value) -> pss.setIri(key, value));
+            substitute(parameters, stringParams, queryText, 
+                    (pss, key, value) -> pss.setLiteral(key, value));
+            substitute(parameters, intParams, queryText,
+                    (pss, key, value) -> pss.setLiteral(key, Integer.parseInt(value)));
+            substitute(parameters, longParams, queryText,
+                    (pss, key, value) -> pss.setLiteral(key, Long.parseLong(value)));
+            substitute(parameters, floatParams, queryText,
+                    (pss, key, value) -> pss.setLiteral(key, Float.parseFloat(value)));
+            substitute(parameters, doubleParams, queryText,
+                    (pss, key, value) -> pss.setLiteral(key, Double.parseDouble(value)));
+            substitute(parameters, booleanParams, queryText,
+                    (pss, key, value) -> pss.setLiteral(key, Boolean.parseBoolean(value)));
+        } else {
+            //Substitute all variables as uris
+            substitute(parameters, parameters.keySet(), queryText, 
+                    (pss, key, value) -> pss.setIri(key, value));
+        }
 
-	/**
+        if (log.isDebugEnabled()) {
+            log.debug("parameters: " + parameters);
+            log.debug("query before binding parameters:" + text);
+            log.debug("query after binding parameters: " + queryText.toString());
+        }
+        return queryText.toString();
+    }
+
+    private void substitute(Map<String, String> parameters, Set<String> keys, ParameterizedSparqlString pss,
+            Substitution<ParameterizedSparqlString, String, String> substitution) {
+        for (String key : keys) {
+            String value = parameters.get(key);
+            if (value != null) {
+                substitution.apply(pss, key, value);
+            }
+        }
+    }
+
+    /**
+     * Checks if at least one parameter was defined in data getter,
+     * if not then work in legacy mode.
+     * @return
+     */
+	private boolean isLegacyMode() {
+        if (!uriParams.isEmpty() ||
+            !stringParams.isEmpty() ||
+            !intParams.isEmpty() ||
+            !longParams.isEmpty() ||
+            !floatParams.isEmpty() ||
+            !doubleParams.isEmpty() ||
+            !booleanParams.isEmpty()
+            ) {
+            return false; 
+        }
+        return true;
+    }
+
+    /**
 	 * Do the query and return a result. This is in its own method, with
 	 * protected access, to make testing easy.
 	 */
@@ -287,4 +366,8 @@ private Map<String, Object> assembleMap(List<Map<String, String>> results) {
         return rmap;
 	}
 
+	@FunctionalInterface
+	interface Substitution<Pss, Key, Value> {
+	    public void apply(ParameterizedSparqlString pss, String key, String value);
+	}
 }
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/directives/BaseTemplateDirectiveModel.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/directives/BaseTemplateDirectiveModel.java
index b9c2e20211..cd5f9208a6 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/directives/BaseTemplateDirectiveModel.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/directives/BaseTemplateDirectiveModel.java
@@ -4,6 +4,8 @@
 
 import java.io.IOException;
 import java.io.StringWriter;
+import java.util.Collections;
+import java.util.HashMap;
 import java.util.Map;
 
 import org.apache.commons.logging.Log;
@@ -14,7 +16,11 @@
 import freemarker.template.Template;
 import freemarker.template.TemplateDirectiveModel;
 import freemarker.template.TemplateException;
+import freemarker.template.TemplateHashModel;
+import freemarker.template.TemplateHashModelEx;
+import freemarker.template.TemplateModel;
 import freemarker.template.TemplateModelException;
+import freemarker.template.TemplateModelIterator;
 
 public abstract class BaseTemplateDirectiveModel implements TemplateDirectiveModel {
 
@@ -83,4 +89,23 @@ protected String getOptionalSimpleScalarParameter(Map<?, ?> params,
 		return o.toString();
 	}
 
+    protected Map<String, Object> getOptionalHashModelParameter(Map<?, ?> params, String name) throws TemplateModelException {
+        Object object = params.get(name);
+        if (object == null) {
+            return Collections.emptyMap();
+        }
+        if (!(object instanceof TemplateHashModelEx)) {
+            throw new TemplateModelException(String.format("The %s parameter must be a string value.", name));
+        }
+        TemplateHashModelEx hashModel = (TemplateHashModelEx) object;
+        Map<String, Object> map = new HashMap<>();
+
+        TemplateModelIterator it = hashModel.keys().iterator();
+        while (it.hasNext()) {
+            TemplateModel key = it.next();
+            TemplateModel value = hashModel.get(key.toString());
+            map.put(key.toString(), value);
+        }
+        return map;
+    }
 }
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/directives/DataGetterDirective.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/directives/DataGetterDirective.java
new file mode 100644
index 0000000000..4467085b94
--- /dev/null
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/directives/DataGetterDirective.java
@@ -0,0 +1,140 @@
+/* $This file is distributed under the terms of the license in LICENSE$ */
+
+package edu.cornell.mannlib.vitro.webapp.web.directives;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
+import edu.cornell.mannlib.vitro.webapp.utils.dataGetter.DataGetter;
+import edu.cornell.mannlib.vitro.webapp.utils.dataGetter.DataGetterUtils;
+import freemarker.core.Environment;
+import freemarker.template.ObjectWrapper;
+import freemarker.template.TemplateDirectiveBody;
+import freemarker.template.TemplateException;
+import freemarker.template.TemplateModel;
+import freemarker.template.TemplateModelException;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.jena.ontology.OntModel;
+
+/**
+ * Freemarker directive to make substitutions in DataGetter and return the data
+ * in variable.
+ */
+public class DataGetterDirective extends BaseTemplateDirectiveModel {
+    private static final Log log = LogFactory.getLog(DataGetterDirective.class);
+
+    @Override
+    public void execute(Environment env, Map params, TemplateModel[] loopVars, TemplateDirectiveBody body)
+            throws TemplateException, IOException {
+        long startTime = System.nanoTime();
+        String dataGetterUri = getRequiredSimpleScalarParameter(params, "uri");
+        String variableName = getOptionalSimpleScalarParameter(params, "var");
+        HttpServletRequest req = (HttpServletRequest) env.getCustomAttribute("request");
+        VitroRequest vreq = new VitroRequest(req);
+        try {
+            OntModel model = vreq.getDisplayModel();
+            debug(getTimeSince(startTime) + "ms spent before DataGetter retrieval.");
+            DataGetter dataGetter = DataGetterUtils.dataGetterForURI(vreq, model, dataGetterUri);
+            debug(getTimeSince(startTime) + "ms spent after DataGetter retrieval.");
+            Map<String, Object> parameters = getOptionalHashModelParameter(params, "parameters");
+            debug(getTimeSince(startTime) + "ms spent before DataGetter execution.");
+            applyDataGetter(dataGetter, env, parameters, variableName);
+            debug(getTimeSince(startTime) + "ms spent after DataGetter execution.");
+        } catch (Exception e) {
+            handleException(dataGetterUri, "Could not process data getter '%s'", e);
+        }
+    }
+
+    /**
+     * Get the data from a DataGetter, provide variable values for substitution and
+     * store results in Freemarker environment variable.
+     * 
+     * @param dataGetter - DataGetter to execute
+     * @param env - Freemarker environment
+     * @param parameters - parameters to substitute in DataGetter
+     * @param overrideVariableName - name of Freemarker variable
+     * 
+     */
+    private static void applyDataGetter(DataGetter dataGetter, Environment env, Map<String, Object> parameters,
+            String overrideVariableName) throws TemplateModelException {
+        Map<String, Object> data = dataGetter.getData(parameters);
+        if (data != null) {
+            Object key = data.get("variableName");
+            if (key != null) {
+                Object value = data.get(key.toString());
+                setVariable(env, overrideVariableName, key.toString(), value);
+            }
+        }
+    }
+
+    /**
+     * Decide under which variable store the data, wrap DataGetter results
+     * and assign it to Freemarker environment variable.
+     * 
+     * @param env - Freemarker environment
+     * @param overriddenVariable - overridden name of Freemarker variable
+     * @param defaultVariable - default variable name specified in DataGetter configuration
+     * @param value - value of data returned by DataGetter
+     * 
+     */
+    private static void setVariable(Environment env, String overriddenVariable, String defaultVariable, Object value)
+            throws TemplateModelException {
+        ObjectWrapper wrapper = env.getObjectWrapper();
+        if (!StringUtils.isBlank(overriddenVariable)) {
+            env.setVariable(overriddenVariable, wrapper.wrap(value));
+            debug(String.format("Stored overridden variable in Freemarker environment: '%s' = '%s'", overriddenVariable,
+                    value));
+        } else {
+            env.setVariable(defaultVariable, wrapper.wrap(value));
+            debug(String.format("Stored default variable in Freemarker environment: '%s' = '%s'", defaultVariable,
+                    value));
+        }
+    }
+
+    /**
+     * Handle exceptions that could happen during DataGetter execution
+     */
+    private void handleException(String templateName, String messageTemplate, Exception e) {
+        log.error(String.format(messageTemplate, templateName));
+        log.error(e, e);
+    }
+
+    @Override
+    public Map<String, Object> help(String name) {
+        Map<String, Object> map = new LinkedHashMap<String, Object>();
+        map.put("effect", "Find the freemarker template and optional DataGetters. "
+                + "Apply parameter substitutions in DataGetters." + "Execute the DataGetters and render the template.");
+        map.put("comments", "");
+        Map<String, String> params = new HashMap<String, String>();
+        params.put("template", "Freemarker template file name");
+        params.put("parameters", "Map of parameters and values");
+        map.put("parameters", params);
+
+        List<String> examples = new ArrayList<String>();
+        examples.add("<@dataGetter uri = \"http://dataGetterUri\" \n" + "var = \"foobar\" \n"
+                + "parameters = { \"object\": \"http://objUri\", \"property\": \"http://propUri\" } />");
+        map.put("examples", examples);
+
+        return map;
+    }
+
+    private static long getTimeSince(long previousTime) {
+        return (System.nanoTime() - previousTime) / 1000000;
+    }
+
+    private static void debug(String message) {
+        if (log.isDebugEnabled()) {
+            log.debug(message);
+        }
+    }
+
+}
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/CollatedObjectPropertyTemplateModel.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/CollatedObjectPropertyTemplateModel.java
index 49be8168f7..5edf9cacdb 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/CollatedObjectPropertyTemplateModel.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/CollatedObjectPropertyTemplateModel.java
@@ -57,8 +57,12 @@ public class CollatedObjectPropertyTemplateModel extends
 					+ op.getURI());
 
 			/* Get the data */
-			List<Map<String, String>> statementData = getStatementData();
-
+			List<Map<String, String>> statementData;
+			if (op instanceof FauxPropertyWrapper) {
+				statementData = getUnfilteredStatementData();
+			} else {
+				statementData = getStatementData(); 
+			}
 			/* Apply post-processing */
 			postprocess(statementData);
 
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java
index 2c413481aa..dc2cc593d1 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/NameStatementTemplateModel.java
@@ -7,6 +7,8 @@
 
 import org.apache.jena.rdf.model.Literal;
 
+import static edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject.SOME_LITERAL;
+
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
 import edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject;
 import edu.cornell.mannlib.vitro.webapp.auth.objects.DataPropertyStatementAccessObject;
@@ -44,10 +46,15 @@ public class NameStatementTemplateModel extends PropertyStatementTemplateModel {
         // NIHVIVO-2466 Use the same methods to get the label that are used elsewhere in the
         // application, to guarantee consistent results for individuals with multiple labels
         // across the application.
-        WebappDaoFactory wdf = vreq.getWebappDaoFactory();
-        IndividualDao iDao = wdf.getIndividualDao();
-        EditLiteral literal = iDao.getLabelEditLiteral(subjectUri);
 
+        AccessObject ao = new DataPropertyStatementAccessObject(vreq.getJenaOntModel(), subjectUri, property, SOME_LITERAL);
+        boolean isAuthorized = PolicyHelper.isAuthorizedForActions(vreq, ao, AccessOperation.DISPLAY);
+        EditLiteral literal = null;
+        if (isAuthorized) {
+            WebappDaoFactory wdf = vreq.getWebappDaoFactory();
+            IndividualDao iDao = wdf.getIndividualDao();
+            literal = iDao.getLabelEditLiteral(subjectUri);
+        }
         if (literal == null) {
         	// If the individual has no rdfs:label, use the local name. It will not be editable. (This replicates previous behavior;
         	// perhaps we would want to allow a label to be added. But such individuals do not usually have their profiles viewed or
diff --git a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/PropertyGroupTemplateModel.java b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/PropertyGroupTemplateModel.java
index 44b73d5b70..33aedb81d1 100644
--- a/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/PropertyGroupTemplateModel.java
+++ b/api/src/main/java/edu/cornell/mannlib/vitro/webapp/web/templatemodels/individual/PropertyGroupTemplateModel.java
@@ -8,18 +8,11 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
 import edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject;
-import edu.cornell.mannlib.vitro.webapp.auth.objects.DataPropertyAccessObject;
 import edu.cornell.mannlib.vitro.webapp.auth.objects.DataPropertyStatementAccessObject;
-import edu.cornell.mannlib.vitro.webapp.auth.objects.FauxDataPropertyAccessObject;
 import edu.cornell.mannlib.vitro.webapp.auth.objects.FauxDataPropertyStatementAccessObject;
-import edu.cornell.mannlib.vitro.webapp.auth.objects.FauxObjectPropertyAccessObject;
 import edu.cornell.mannlib.vitro.webapp.auth.objects.FauxObjectPropertyStatementAccessObject;
-import edu.cornell.mannlib.vitro.webapp.auth.objects.ObjectPropertyAccessObject;
 import edu.cornell.mannlib.vitro.webapp.auth.objects.ObjectPropertyStatementAccessObject;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
 import edu.cornell.mannlib.vitro.webapp.beans.DataProperty;
@@ -30,6 +23,8 @@
 import edu.cornell.mannlib.vitro.webapp.beans.PropertyGroup;
 import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
 import edu.cornell.mannlib.vitro.webapp.web.templatemodels.BaseTemplateModel;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 
 public class PropertyGroupTemplateModel extends BaseTemplateModel {
 
@@ -78,20 +73,11 @@ public class PropertyGroupTemplateModel extends BaseTemplateModel {
 	 */
 	private boolean allowedToDisplay(VitroRequest vreq, ObjectProperty op, Individual subject) {
 	    AccessObject ao;
-	    if (op instanceof FauxObjectPropertyWrapper) {
-	        ao = new FauxObjectPropertyAccessObject(op);
-	    } else {
-	        ao = new ObjectPropertyAccessObject(op);    
-	    }
-		if (PolicyHelper.isAuthorizedForActions(vreq, ao, AccessOperation.DISPLAY)) {
-			return true;
-		}
-        //TODO: Model should be here to correctly check authorization
 		if (op instanceof FauxObjectPropertyWrapper) {
 			final FauxProperty fauxProperty = ((FauxObjectPropertyWrapper) op).getFauxProperty();
-            ao = new FauxObjectPropertyStatementAccessObject(null, subject.getURI(), fauxProperty, SOME_URI);
+            ao = new FauxObjectPropertyStatementAccessObject(vreq.getJenaOntModel(), subject.getURI(), fauxProperty, SOME_URI);
 		} else {
-			ao = new ObjectPropertyStatementAccessObject(null, subject.getURI(), op, SOME_URI);
+			ao = new ObjectPropertyStatementAccessObject(vreq.getJenaOntModel(), subject.getURI(), op, SOME_URI);
 		}
 		return PolicyHelper.isAuthorizedForActions(vreq, ao, AccessOperation.DISPLAY);
     }
@@ -102,20 +88,11 @@ private boolean allowedToDisplay(VitroRequest vreq, ObjectProperty op, Individua
 	 */
 	private boolean allowedToDisplay(VitroRequest vreq, DataProperty dp, Individual subject) {
         AccessObject ao;
-        if (dp instanceof FauxDataPropertyWrapper) {
-            ao = new FauxDataPropertyAccessObject(dp);
-        } else {
-            ao = new DataPropertyAccessObject(dp);    
-        }
-		if (PolicyHelper.isAuthorizedForActions(vreq, ao, AccessOperation.DISPLAY)) {
-			return true;
-		}
-        //TODO: Model should be here to correctly check authorization
 		if (dp instanceof FauxDataPropertyWrapper) {
 		    final FauxProperty fauxProperty = ((FauxDataPropertyWrapper) dp).getFauxProperty();
-			ao = new FauxDataPropertyStatementAccessObject(null, subject.getURI(), fauxProperty, SOME_LITERAL);
+			ao = new FauxDataPropertyStatementAccessObject(vreq.getJenaOntModel(), subject.getURI(), fauxProperty, SOME_LITERAL);
 		} else {
-			ao = new DataPropertyStatementAccessObject(null, subject.getURI(), dp, SOME_LITERAL);
+			ao = new DataPropertyStatementAccessObject(vreq.getJenaOntModel(), subject.getURI(), dp, SOME_LITERAL);
 		}
         return PolicyHelper.isAuthorizedForActions(vreq, ao, AccessOperation.DISPLAY);	
     }
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessAllowedClassesPolicyTemplateTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessAllowedClassesPolicyTemplateTest.java
index 139c547671..c6e4340b84 100644
--- a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessAllowedClassesPolicyTemplateTest.java
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessAllowedClassesPolicyTemplateTest.java
@@ -48,8 +48,7 @@ public void testPolicy() {
         }
         EntityPolicyController.grantAccess("test:entity", type, ao, roleUri);
         DynamicPolicy policy = null;
-        String dataSet =
-                loader.getDataSetUriByKey(new String[] { }, new String[] { ao.toString(), type.toString(), roleUri });
+        String dataSet = loader.getDataSetUriByKey(ao.toString(), type.toString(), roleUri);
         policy = loader.loadPolicyFromTemplateDataSet(dataSet);
         countRulesAndAttributes(policy, rulesCount, attrCount);
         Set<String> values = loader.getDataSetValues(ao, type, roleUri);
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessAllowedPropertiesPolicyTemplateTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessAllowedPropertiesPolicyTemplateTest.java
index 5cd4826702..2c893f3036 100644
--- a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessAllowedPropertiesPolicyTemplateTest.java
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessAllowedPropertiesPolicyTemplateTest.java
@@ -54,8 +54,7 @@ public void testPolicy() {
         }
         EntityPolicyController.grantAccess("test:entity", type, ao, roleUri);
         DynamicPolicy policy = null;
-        String dataSet =
-                loader.getDataSetUriByKey(new String[] { }, new String[] { ao.toString(), type.toString(), roleUri });
+        String dataSet = loader.getDataSetUriByKey(ao.toString(), type.toString(), roleUri);
         policy = loader.loadPolicyFromTemplateDataSet(dataSet);
         countRulesAndAttributes(policy, rulesCount, attrCount);
         assertTrue(EntityPolicyController.isGranted("test:entity", type, ao, roleUri));
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessRelatedAllowedPropertiesPolicyTemplateTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessRelatedAllowedPropertiesPolicyTemplateTest.java
index 60e90c7199..516f3cd9b8 100644
--- a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessRelatedAllowedPropertiesPolicyTemplateTest.java
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AccessRelatedAllowedPropertiesPolicyTemplateTest.java
@@ -42,8 +42,7 @@ public void testPolicy() {
         load(TEMPLATE_RELATED_PROPERTIES_PATH);
         EntityPolicyController.grantAccess("test:entity", type, ao, roleUri);
         DynamicPolicy policy = null;
-        String dataSet =
-                loader.getDataSetUriByKey(new String[] { }, new String[] { ao.toString(), type.toString(), roleUri });
+        String dataSet = loader.getDataSetUriByKey(ao.toString(), type.toString(), roleUri);
         policy = loader.loadPolicyFromTemplateDataSet(dataSet);
         countRulesAndAttributes(policy, rulesCount, attrCount);
         Set<String> values = loader.getDataSetValues(ao, type, roleUri);
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AllowDisplayIndividualPagePolicyTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AllowDisplayIndividualPagePolicyTest.java
new file mode 100644
index 0000000000..4c30b73fa3
--- /dev/null
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/AllowDisplayIndividualPagePolicyTest.java
@@ -0,0 +1,45 @@
+package edu.cornell.mannlib.vitro.webapp.auth.policy;
+
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation.ADD;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation.DISPLAY;
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DecisionResult.AUTHORIZED;
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DecisionResult.INCONCLUSIVE;
+import static edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary.AUTH_INDIVIDUAL_PREFIX;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Set;
+
+import edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.IndividualAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.NamedAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.SimpleAuthorizationRequest;
+import org.junit.Test;
+
+public class AllowDisplayIndividualPagePolicyTest extends PolicyTest {
+
+    public static final String POLICY_PATH = USER_ACCOUNTS_HOME_FIRSTTIME + "policy_allow_display_individual_page.n3";
+
+    @Test
+    public void testLoadPolicy() {
+        load(POLICY_PATH);
+        String policyUri = AUTH_INDIVIDUAL_PREFIX + "allow-display-individual-page/Policy";
+        Set<DynamicPolicy> policies = loader.loadPolicies(policyUri);
+        assertEquals(1, policies.size());
+        DynamicPolicy policy = policies.iterator().next();
+        assertTrue(policy != null);
+        assertEquals(1000, policy.getPriority());
+        countRulesAndAttributes(policy, 1, Collections.singleton(2));
+        AccessObject ao = new IndividualAccessObject("https://test-individual");
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(ao, DISPLAY);
+        ar.setRoleUris(Arrays.asList(PUBLIC));
+        assertEquals(AUTHORIZED, policy.decide(ar).getDecisionResult());
+        ar = new SimpleAuthorizationRequest(ao, ADD);
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+        ao = new NamedAccessObject("https://test-individual");
+        ar = new SimpleAuthorizationRequest(ao, DISPLAY);
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+}
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ModelsTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ModelsTest.java
index bc9855eae9..9871755065 100644
--- a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ModelsTest.java
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ModelsTest.java
@@ -344,7 +344,7 @@ public PolicyDecision decide(AuthorizationRequest ar) {
 
 			Statement friendStmt = objectStatement(PRIMARY_RESOURCE_URI,
 					FRIEND_PREDICATE_URI, subjectUri);
-			if (statementExists(action.getStatementOntModel(), friendStmt)) {
+			if (statementExists(action.getModel(), friendStmt)) {
 				return authorized();
 			}
 
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyLoaderTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyLoaderTest.java
index e3e677bf03..88b00f0601 100644
--- a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyLoaderTest.java
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyLoaderTest.java
@@ -6,10 +6,13 @@
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 
+import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import edu.cornell.mannlib.vitro.webapp.auth.attributes.AttributeValueKey;
+import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
 import edu.cornell.mannlib.vitro.webapp.modelaccess.ModelNames;
 import org.apache.jena.rdf.model.Model;
 import org.apache.jena.rdf.model.ModelFactory;
@@ -53,8 +56,7 @@ public void getRoleDataSetDraftKeyTemplateTest() {
     @Test
     public void getDataSetUriByKeyTest() {
         load(DATA_SET);
-        String uri = PolicyLoader.getInstance().getDataSetUriByKey(new String[] {  },
-                new String[] { NAMED_OBJECT.toString(), EXECUTE.toString(), PUBLIC });
+        String uri = PolicyLoader.getInstance().getDataSetUriByKey(NAMED_OBJECT.toString(), EXECUTE.toString(), PUBLIC);
         assertEquals(PREFIX + "PublicDataSet", uri);
     }
 
@@ -75,7 +77,6 @@ public void getDataSetKeyTest() {
         expectedKey.setObjectType(NAMED_OBJECT);
         AttributeValueKey compositeKey = PolicyLoader.getInstance().getDataSetKey(PREFIX + "PublicDataSet");
         assertEquals(expectedKey, compositeKey);
-
     }
 
     @Test
@@ -91,4 +92,17 @@ public void getSubjectRoleValuePatternTest() {
         assertTrue(!patterns.isEmpty());
         assertEquals(1, patterns.size());
     }
+
+    @Test
+    public void testLoadPolicyWithValues() {
+        load(RESOURCES_RULES_PREFIX + "policy_values.n3");
+        String policyUri = VitroVocabulary.AUTH_INDIVIDUAL_PREFIX + "policy-values-test/Policy";
+        Set<DynamicPolicy> policies = loader.loadPolicies(policyUri);
+        assertEquals(1, policies.size());
+        DynamicPolicy policy = policies.iterator().next();
+        assertTrue(policy != null);
+        assertEquals(100, policy.getPriority());
+        countRulesAndAttributes(policy, 1, Collections.singleton(1));
+    }
+
 }
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyTest.java
index e43d9472e8..ea3786ff4f 100644
--- a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyTest.java
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyTest.java
@@ -43,6 +43,7 @@ public class PolicyTest {
     public static final String OBJECT_TYPES = USER_ACCOUNTS_HOME_FIRSTTIME + "object_types.n3";
     public static final String ATTRIBUTES_PATH = USER_ACCOUNTS_HOME_FIRSTTIME + "attributes.n3";
     public static final String OPERATORS_PATH = USER_ACCOUNTS_HOME_FIRSTTIME + "operators.n3";
+    public static final String NAMED_KEY_COMPONENTS_PATH = USER_ACCOUNTS_HOME_FIRSTTIME + "named_key_components.n3";
     public static final String PROFILE_PROXIMITY_QUERY = USER_ACCOUNTS_HOME_FIRSTTIME + "profile_proximity_query.n3";
     public static final String TEST_DECISIONS = USER_ACCOUNTS_HOME_FIRSTTIME + "decisions.n3";
     public static final String ROLES = USER_ACCOUNTS_HOME_FIRSTTIME + "roles.n3";
@@ -92,6 +93,7 @@ public void init() {
         load(OPERATORS_PATH);
         load(PROFILE_PROXIMITY_QUERY);
         load(TEST_DECISIONS);
+        load(NAMED_KEY_COMPONENTS_PATH);
         RDFServiceModel rdfService = new RDFServiceModel(configurationDataSet);
         AttributeValueSetRegistry.getInstance().clear();
         PolicyLoader.initialize(rdfService);
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SimplePermissionTemplateTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SimplePermissionTemplateTest.java
index 6ff3711777..2c6fb8ead2 100644
--- a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SimplePermissionTemplateTest.java
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SimplePermissionTemplateTest.java
@@ -134,8 +134,8 @@ public void testCustomRole() {
         // Create custom data set
         PolicyTemplateController.createRoleDataSets(CUSTOM);
         // Get data set uri by key: role uri and named object
-        String dataSetUri = loader.getDataSetUriByKey(new String[] {  },
-                new String[] { AccessObjectType.NAMED_OBJECT.toString(), AccessOperation.EXECUTE.toString(), CUSTOM });
+        String dataSetUri = loader.getDataSetUriByKey(AccessObjectType.NAMED_OBJECT.toString(),
+                AccessOperation.EXECUTE.toString(), CUSTOM);
 
         assertTrue(dataSetUri != null);
         DynamicPolicy policy = loader.loadPolicyFromTemplateDataSet(dataSetUri);
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayIndividualPageByUriTemplateTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayIndividualPageByUriTemplateTest.java
new file mode 100644
index 0000000000..e0f91f0a70
--- /dev/null
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayIndividualPageByUriTemplateTest.java
@@ -0,0 +1,123 @@
+package edu.cornell.mannlib.vitro.webapp.auth.policy;
+
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType.INDIVIDUAL;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation.DISPLAY;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.SUPPRESSION_BY_URI;
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DecisionResult.INCONCLUSIVE;
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DecisionResult.UNAUTHORIZED;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Set;
+
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.IndividualAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.NamedAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.SimpleAuthorizationRequest;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+
+@RunWith(Parameterized.class)
+public class SuppressDisplayIndividualPageByUriTemplateTest extends PolicyTest {
+
+    private static final String TEST_ENTITY = "test:entity";
+
+    public static final String POLICY_PATH =
+            USER_ACCOUNTS_HOME_FIRSTTIME + "template_suppress_display_individual_page_by_uri.n3";
+
+    @org.junit.runners.Parameterized.Parameter(0)
+    public AccessOperation ao;
+
+    @org.junit.runners.Parameterized.Parameter(1)
+    public AccessObjectType type;
+
+    @org.junit.runners.Parameterized.Parameter(2)
+    public String roleUri;
+
+    @org.junit.runners.Parameterized.Parameter(3)
+    public int rulesCount;
+
+    @org.junit.runners.Parameterized.Parameter(4)
+    public Set<Integer> attrCount;
+
+    @Test
+    public void testLoadPolicy() {
+        load(POLICY_PATH);
+
+        if (roleUri.equals(CUSTOM)) {
+            PolicyTemplateController.createRoleDataSets(CUSTOM);
+        }
+        EntityPolicyController.grantAccess(TEST_ENTITY, type, ao, roleUri, SUPPRESSION_BY_URI.toString());
+
+        String dataSetUri =
+                loader.getDataSetUriByKey(SUPPRESSION_BY_URI.toString(), ao.toString(), type.toString(), roleUri);
+        assertFalse(dataSetUri == null);
+        DynamicPolicy policy = loader.loadPolicyFromTemplateDataSet(dataSetUri);
+        assertTrue(policy != null);
+        assertEquals(2000, policy.getPriority());
+        countRulesAndAttributes(policy, 1, Collections.singleton(4));
+        policyDeniesAccess(policy);
+
+        policyNotAffectsOtherTypes(policy);
+        policyNotAffectsOtherEntities(policy);
+        policyNotAffectsOtherOperations(policy);
+        policyNotAffectsOtherRoles(policy);
+    }
+
+    private void policyNotAffectsOtherRoles(DynamicPolicy policy) {
+        AccessObject object = new IndividualAccessObject(TEST_ENTITY);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri + "_NOT_EXISTS"));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherEntities(DynamicPolicy policy) {
+        AccessObject object = new IndividualAccessObject("test:anothe_entity");
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherOperations(DynamicPolicy policy) {
+        AccessObject object = new IndividualAccessObject(TEST_ENTITY);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, AccessOperation.ADD);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherTypes(DynamicPolicy policy) {
+        AccessObject object = new NamedAccessObject(TEST_ENTITY);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyDeniesAccess(DynamicPolicy policy) {
+        AccessObject object = new IndividualAccessObject(TEST_ENTITY);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(UNAUTHORIZED, policy.decide(ar).getDecisionResult());
+    }
+
+    @Parameterized.Parameters
+    public static Collection<Object[]> requests() {
+        return Arrays.asList(new Object[][] {
+            { DISPLAY, INDIVIDUAL, ADMIN, 1, num(4) },
+            { DISPLAY, INDIVIDUAL, CURATOR, 1, num(4) },
+            { DISPLAY, INDIVIDUAL, EDITOR, 1, num(4) },
+            { DISPLAY, INDIVIDUAL, SELF_EDITOR, 1, num(4) },
+            { DISPLAY, INDIVIDUAL, PUBLIC, 1, num(4) },
+            { DISPLAY, INDIVIDUAL, CUSTOM, 1, num(4) },});
+    }
+
+    private static Set<Integer> num(int i) {
+        return Collections.singleton(i);
+    }
+}
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayIndividualPageTypeTemplateTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayIndividualPageTypeTemplateTest.java
new file mode 100644
index 0000000000..824d16c09b
--- /dev/null
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayIndividualPageTypeTemplateTest.java
@@ -0,0 +1,144 @@
+package edu.cornell.mannlib.vitro.webapp.auth.policy;
+
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType.INDIVIDUAL;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation.DISPLAY;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.SUPPRESSION_BY_TYPE;
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DecisionResult.INCONCLUSIVE;
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DecisionResult.UNAUTHORIZED;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Set;
+
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.IndividualAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.NamedAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.SimpleAuthorizationRequest;
+import org.apache.jena.rdf.model.Model;
+import org.apache.jena.rdf.model.ModelFactory;
+import org.apache.jena.shared.Lock;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+
+@RunWith(Parameterized.class)
+public class SuppressDisplayIndividualPageTypeTemplateTest extends PolicyTest {
+
+    private static final NamedKeyComponent NAMED_KEY = SUPPRESSION_BY_TYPE;
+
+    private static final String TEST_ENTITY = "test:alice";
+    private static final String TEST_TYPE = "test:person";
+
+
+    public static final String POLICY_PATH =
+            USER_ACCOUNTS_HOME_FIRSTTIME + "template_suppress_display_individual_page_by_type.n3";
+    public static final String TEST_DATA = RESOURCES_RULES_PREFIX + "suppress_display_test_data.n3";
+
+    @org.junit.runners.Parameterized.Parameter(0)
+    public AccessOperation ao;
+
+    @org.junit.runners.Parameterized.Parameter(1)
+    public AccessObjectType type;
+
+    @org.junit.runners.Parameterized.Parameter(2)
+    public String roleUri;
+
+    @org.junit.runners.Parameterized.Parameter(3)
+    public int rulesCount;
+
+    @org.junit.runners.Parameterized.Parameter(4)
+    public Set<Integer> attrCount;
+
+    @Test
+    public void testLoadPolicy() {
+        load(POLICY_PATH);
+        Model dataModel = ModelFactory.createDefaultModel();
+        try {
+            dataModel.enterCriticalSection(Lock.WRITE);
+            dataModel.read(TEST_DATA);
+        } finally {
+            dataModel.leaveCriticalSection();
+        }
+        if (roleUri.equals(CUSTOM)) {
+            PolicyTemplateController.createRoleDataSets(CUSTOM);
+        }
+        EntityPolicyController.grantAccess(TEST_TYPE, type, ao, roleUri, NAMED_KEY.toString());
+
+        String dataSetUri =
+                loader.getDataSetUriByKey(NAMED_KEY.toString(), ao.toString(), type.toString(), roleUri);
+        assertFalse(dataSetUri == null);
+        DynamicPolicy policy = loader.loadPolicyFromTemplateDataSet(dataSetUri);
+        assertTrue(policy != null);
+        assertEquals(1500, policy.getPriority());
+        countRulesAndAttributes(policy, 1, Collections.singleton(4));
+        policyDeniesAccess(policy, dataModel);
+
+        policyNotAffectsOtherTypes(policy, dataModel);
+        policyNotAffectsOtherEntities(policy, dataModel);
+        policyNotAffectsOtherOperations(policy, dataModel);
+        policyNotAffectsOtherRoles(policy, dataModel);
+    }
+
+    private void policyNotAffectsOtherRoles(DynamicPolicy policy, Model targetModel) {
+        AccessObject object = new IndividualAccessObject(TEST_ENTITY);
+        object.setModel(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, AccessOperation.DISPLAY);
+        ar.setRoleUris(Arrays.asList(roleUri + "_NOT_EXISTS"));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherEntities(DynamicPolicy policy, Model targetModel) {
+        AccessObject object = new IndividualAccessObject("test:another_entity");
+        object.setModel(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherOperations(DynamicPolicy policy, Model targetModel) {
+        AccessObject object = new IndividualAccessObject(TEST_ENTITY);
+        object.setModel(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, AccessOperation.ADD);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherTypes(DynamicPolicy policy, Model targetModel) {
+        AccessObject object = new NamedAccessObject(TEST_ENTITY);
+        object.setModel(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyDeniesAccess(DynamicPolicy policy, Model targetModel) {
+        AccessObject object = new IndividualAccessObject(TEST_ENTITY);
+        object.setModel(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(UNAUTHORIZED, policy.decide(ar).getDecisionResult());
+    }
+
+
+    @Parameterized.Parameters
+    public static Collection<Object[]> requests() {
+        return Arrays.asList(new Object[][] {
+            { DISPLAY, INDIVIDUAL, ADMIN, 1, num(4) },
+            { DISPLAY, INDIVIDUAL, CURATOR, 1, num(4) },
+            { DISPLAY, INDIVIDUAL, EDITOR, 1, num(4) },
+            { DISPLAY, INDIVIDUAL, SELF_EDITOR, 1, num(4) },
+            { DISPLAY, INDIVIDUAL, PUBLIC, 1, num(4) },
+            { DISPLAY, INDIVIDUAL, CUSTOM, 1, num(4) },});
+    }
+
+    private static Set<Integer> num(int i) {
+        return Collections.singleton(i);
+    }
+}
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayNotRelatedIndividualPageByTypeTemplateTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayNotRelatedIndividualPageByTypeTemplateTest.java
new file mode 100644
index 0000000000..11738e1a20
--- /dev/null
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayNotRelatedIndividualPageByTypeTemplateTest.java
@@ -0,0 +1,146 @@
+package edu.cornell.mannlib.vitro.webapp.auth.policy;
+
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType.INDIVIDUAL;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation.DISPLAY;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.NOT_RELATED;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.SUPPRESSION_BY_TYPE;
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DecisionResult.INCONCLUSIVE;
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DecisionResult.UNAUTHORIZED;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Set;
+
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.IndividualAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.NamedAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.SimpleAuthorizationRequest;
+import org.apache.jena.rdf.model.Model;
+import org.apache.jena.rdf.model.ModelFactory;
+import org.apache.jena.shared.Lock;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+
+@RunWith(Parameterized.class)
+public class SuppressDisplayNotRelatedIndividualPageByTypeTemplateTest extends PolicyTest {
+
+    private static final String TEST_ENTITY = "test:alice";
+    private static final String TEST_TYPE = "test:person";
+
+    public static final String POLICY_PATH =
+            USER_ACCOUNTS_HOME_FIRSTTIME + "template_suppress_display_not_related_individual_page_by_type.n3";
+    public static final String TEST_DATA = RESOURCES_RULES_PREFIX + "suppress_display_test_data.n3";
+
+    @org.junit.runners.Parameterized.Parameter(0)
+    public AccessOperation ao;
+
+    @org.junit.runners.Parameterized.Parameter(1)
+    public AccessObjectType type;
+
+    @org.junit.runners.Parameterized.Parameter(2)
+    public String roleUri;
+
+    @org.junit.runners.Parameterized.Parameter(3)
+    public int rulesCount;
+
+    @org.junit.runners.Parameterized.Parameter(4)
+    public Set<Integer> attrCount;
+
+    @Test
+    public void testLoadPolicy() {
+        load(POLICY_PATH);
+        Model dataModel = ModelFactory.createDefaultModel();
+        try {
+            dataModel.enterCriticalSection(Lock.WRITE);
+            dataModel.read(TEST_DATA);
+        } finally {
+            dataModel.leaveCriticalSection();
+        }
+        if (roleUri.equals(CUSTOM)) {
+            PolicyTemplateController.createRoleDataSets(CUSTOM);
+        }
+        EntityPolicyController.grantAccess(TEST_TYPE, type, ao, roleUri, SUPPRESSION_BY_TYPE.toString(),
+                NOT_RELATED.toString());
+
+        String dataSetUri = loader.getDataSetUriByKey(SUPPRESSION_BY_TYPE.toString(), NOT_RELATED.toString(),
+                ao.toString(), type.toString(), roleUri);
+        assertFalse(dataSetUri == null);
+        DynamicPolicy policy = loader.loadPolicyFromTemplateDataSet(dataSetUri);
+        assertTrue(policy != null);
+        assertEquals(1500, policy.getPriority());
+        countRulesAndAttributes(policy, 1, Collections.singleton(5));
+        policyDeniesAccess(policy, dataModel);
+
+        policyNotAffectsOtherTypes(policy, dataModel);
+        policyNotAffectsOtherEntities(policy, dataModel);
+        policyNotAffectsOtherOperations(policy, dataModel);
+        policyNotAffectsOtherRoles(policy, dataModel);
+        policyNotAffectsRelatedIndividuals(policy, dataModel);
+
+    }
+
+    private void policyNotAffectsOtherRoles(DynamicPolicy policy, Model targetModel) {
+        AccessObject object = new IndividualAccessObject(TEST_ENTITY);
+        object.setModel(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, AccessOperation.DISPLAY);
+        ar.setRoleUris(Arrays.asList(roleUri + "_NOT_EXISTS"));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherEntities(DynamicPolicy policy, Model targetModel) {
+        AccessObject object = new IndividualAccessObject("test:another_entity");
+        object.setModel(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherOperations(DynamicPolicy policy, Model targetModel) {
+        AccessObject object = new IndividualAccessObject(TEST_ENTITY);
+        object.setModel(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, AccessOperation.ADD);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherTypes(DynamicPolicy policy, Model targetModel) {
+        AccessObject object = new NamedAccessObject(TEST_ENTITY);
+        object.setModel(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsRelatedIndividuals(DynamicPolicy policy, Model targetModel) {
+        AccessObject object = new IndividualAccessObject(TEST_ENTITY);
+        object.setModel(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        ar.setEditorUris(Arrays.asList(TEST_ENTITY));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyDeniesAccess(DynamicPolicy policy, Model targetModel) {
+        AccessObject object = new IndividualAccessObject(TEST_ENTITY);
+        object.setModel(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(UNAUTHORIZED, policy.decide(ar).getDecisionResult());
+    }
+
+    @Parameterized.Parameters
+    public static Collection<Object[]> requests() {
+        return Arrays.asList(new Object[][] { { DISPLAY, INDIVIDUAL, SELF_EDITOR, 1, num(4) }, });
+    }
+
+    private static Set<Integer> num(int i) {
+        return Collections.singleton(i);
+    }
+}
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayNotRelatedPropertyByUriTemplateTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayNotRelatedPropertyByUriTemplateTest.java
new file mode 100644
index 0000000000..5e80d4def3
--- /dev/null
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/SuppressDisplayNotRelatedPropertyByUriTemplateTest.java
@@ -0,0 +1,184 @@
+package edu.cornell.mannlib.vitro.webapp.auth.policy;
+
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType.DATA_PROPERTY;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType.FAUX_DATA_PROPERTY;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType.FAUX_OBJECT_PROPERTY;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType.OBJECT_PROPERTY;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation.DISPLAY;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation.PUBLISH;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.NOT_RELATED;
+import static edu.cornell.mannlib.vitro.webapp.auth.attributes.NamedKeyComponent.SUPPRESSION_BY_URI;
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DecisionResult.INCONCLUSIVE;
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.DecisionResult.UNAUTHORIZED;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Set;
+
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessObjectType;
+import edu.cornell.mannlib.vitro.webapp.auth.attributes.AccessOperation;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.AccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.DataPropertyStatementAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.FauxDataPropertyStatementAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.FauxObjectPropertyStatementAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.objects.ObjectPropertyStatementAccessObject;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.SimpleAuthorizationRequest;
+import edu.cornell.mannlib.vitro.webapp.beans.FauxProperty;
+import edu.cornell.mannlib.vitro.webapp.beans.Property;
+import edu.cornell.mannlib.vitro.webapp.rdfservice.adapters.VitroModelFactory;
+import org.apache.jena.ontology.OntModel;
+import org.apache.jena.shared.Lock;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+
+@RunWith(Parameterized.class)
+public class SuppressDisplayNotRelatedPropertyByUriTemplateTest extends PolicyTest {
+
+    public static final String POLICY_PATH =
+            USER_ACCOUNTS_HOME_FIRSTTIME + "template_suppress_display_not_related_property_by_uri.n3";
+    public static final String TEST_DATA = RESOURCES_RULES_PREFIX + "suppress_display_test_data.n3";
+    private static final String TEST_ENTITY = "test:alice";
+    private static final String OBJECT_ENTITY = "test:orange";
+    private static final String TEST_PROPERTY = "test:has";
+    private static final String OTHER_PROPERTY = "test:seen";
+
+    @org.junit.runners.Parameterized.Parameter(0)
+    public AccessOperation ao;
+
+    @org.junit.runners.Parameterized.Parameter(1)
+    public AccessObjectType type;
+
+    @org.junit.runners.Parameterized.Parameter(2)
+    public String roleUri;
+
+    @org.junit.runners.Parameterized.Parameter(3)
+    public int rulesCount;
+
+    @org.junit.runners.Parameterized.Parameter(4)
+    public Set<Integer> attrCount;
+
+    @Test
+    public void testLoadPolicy() {
+        load(POLICY_PATH);
+        OntModel dataModel = VitroModelFactory.createOntologyModel();
+        try {
+            dataModel.enterCriticalSection(Lock.WRITE);
+            dataModel.read(TEST_DATA);
+        } finally {
+            dataModel.leaveCriticalSection();
+        }
+        EntityPolicyController.grantAccess(TEST_PROPERTY, type, ao, roleUri, NOT_RELATED.toString(),
+                SUPPRESSION_BY_URI.toString());
+
+        String dataSetUri = loader.getDataSetUriByKey(SUPPRESSION_BY_URI.toString(), NOT_RELATED.toString(),
+                ao.toString(), type.toString(), roleUri);
+        DynamicPolicy policy = loader.loadPolicyFromTemplateDataSet(dataSetUri);
+        assertTrue(policy != null);
+        assertEquals(5000, policy.getPriority());
+        countRulesAndAttributes(policy, 1, Collections.singleton(5));
+        policyDeniesAccess(policy, dataModel);
+        policyNotAffectsOtherTypes(policy, dataModel);
+        policyNotAffectsOtherEntities(policy, dataModel);
+        policyNotAffectsOtherOperations(policy, dataModel);
+        policyNotAffectsOtherRoles(policy, dataModel);
+        policyNotAffectsRelatedIndividuals(policy, dataModel);
+    }
+
+    private void policyNotAffectsRelatedIndividuals(DynamicPolicy policy, OntModel targetModel) {
+        AccessObject object = getAccessObject(targetModel, TEST_PROPERTY);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        ar.setEditorUris(Arrays.asList(TEST_ENTITY));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherRoles(DynamicPolicy policy, OntModel targetModel) {
+        AccessObject object = getAccessObject(targetModel, TEST_PROPERTY);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(ADMIN));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherOperations(DynamicPolicy policy, OntModel targetModel) {
+        AccessObject object = getAccessObject(targetModel, TEST_PROPERTY);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, PUBLISH);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherEntities(DynamicPolicy policy, OntModel targetModel) {
+        AccessObject object = getAccessObject(targetModel, OTHER_PROPERTY);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyNotAffectsOtherTypes(DynamicPolicy policy, OntModel targetModel) {
+        AccessObject object = getWrongAccessObject(targetModel);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(INCONCLUSIVE, policy.decide(ar).getDecisionResult());
+    }
+
+    private void policyDeniesAccess(DynamicPolicy policy, OntModel targetModel) {
+        AccessObject object = getAccessObject(targetModel, TEST_PROPERTY);
+        SimpleAuthorizationRequest ar = new SimpleAuthorizationRequest(object, ao);
+        ar.setRoleUris(Arrays.asList(roleUri));
+        assertEquals(UNAUTHORIZED, policy.decide(ar).getDecisionResult());
+    }
+
+    private AccessObject getWrongAccessObject(OntModel targetModel) {
+        FauxProperty fauxProperty = new FauxProperty(TEST_ENTITY, TEST_PROPERTY, "");
+        fauxProperty.setConfigUri(TEST_PROPERTY);
+        switch (type) {
+            case OBJECT_PROPERTY:
+                return new DataPropertyStatementAccessObject(targetModel, TEST_ENTITY, TEST_PROPERTY, "test");
+            case DATA_PROPERTY:
+                return new ObjectPropertyStatementAccessObject(targetModel, TEST_ENTITY, new Property(TEST_PROPERTY),
+                        OBJECT_ENTITY);
+            case FAUX_OBJECT_PROPERTY:
+                return new FauxDataPropertyStatementAccessObject(targetModel, TEST_ENTITY, fauxProperty, "test");
+            case FAUX_DATA_PROPERTY:
+                return new FauxObjectPropertyStatementAccessObject(targetModel, TEST_ENTITY, fauxProperty,
+                        OBJECT_ENTITY);
+            default:
+                return null;
+        }
+    }
+
+    private AccessObject getAccessObject(OntModel targetModel, String property) {
+        FauxProperty fauxProperty = new FauxProperty(TEST_ENTITY, property, "");
+        fauxProperty.setConfigUri(property);
+        switch (type) {
+            case DATA_PROPERTY:
+                return new DataPropertyStatementAccessObject(targetModel, TEST_ENTITY, property, "test");
+            case OBJECT_PROPERTY:
+                return new ObjectPropertyStatementAccessObject(targetModel, TEST_ENTITY, new Property(property),
+                        OBJECT_ENTITY);
+            case FAUX_DATA_PROPERTY:
+                return new FauxDataPropertyStatementAccessObject(targetModel, TEST_ENTITY, fauxProperty, "test");
+            case FAUX_OBJECT_PROPERTY:
+                return new FauxObjectPropertyStatementAccessObject(targetModel, TEST_ENTITY, fauxProperty,
+                        OBJECT_ENTITY);
+            default:
+                return null;
+        }
+    }
+
+    @Parameterized.Parameters
+    public static Collection<Object[]> requests() {
+        return Arrays.asList(new Object[][] {
+            { DISPLAY, DATA_PROPERTY, SELF_EDITOR, 1, num(5) },
+            { DISPLAY, OBJECT_PROPERTY, SELF_EDITOR, 1, num(5) },
+            { DISPLAY, FAUX_DATA_PROPERTY, SELF_EDITOR, 1, num(5) },
+            { DISPLAY, FAUX_OBJECT_PROPERTY, SELF_EDITOR, 1, num(5) }, });
+    }
+
+    private static Set<Integer> num(int i) {
+        return Collections.singleton(i);
+    }
+}
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/UpdateRelatedAllowedPropertiesPolicyTemplateTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/UpdateRelatedAllowedPropertiesPolicyTemplateTest.java
index b8ac2077a4..26ea23637f 100644
--- a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/UpdateRelatedAllowedPropertiesPolicyTemplateTest.java
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/auth/policy/UpdateRelatedAllowedPropertiesPolicyTemplateTest.java
@@ -43,8 +43,7 @@ public void testPolicy() {
         load(TEMPLATE_RELATED_UPDATE_PATH);
         EntityPolicyController.grantAccess("test:entity", type, ao, roleUri);
         DynamicPolicy policy = null;
-        String dataSet =
-                loader.getDataSetUriByKey(new String[] { }, new String[] { ao.toString(), type.toString(), roleUri });
+        String dataSet = loader.getDataSetUriByKey(ao.toString(), type.toString(), roleUri);
         policy = loader.loadPolicyFromTemplateDataSet(dataSet);
         countRulesAndAttributes(policy, rulesCount, attrCount);
         Set<String> values = loader.getDataSetValues(ao, type, roleUri);
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/controller/VitroRequestStub.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/controller/VitroRequestStub.java
new file mode 100644
index 0000000000..d9810f2ee6
--- /dev/null
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/controller/VitroRequestStub.java
@@ -0,0 +1,23 @@
+package edu.cornell.mannlib.vitro.webapp.controller;
+
+import javax.servlet.http.HttpServletRequest;
+
+import edu.cornell.mannlib.vitro.webapp.rdfservice.RDFService;
+
+public class VitroRequestStub extends VitroRequest {
+
+    private RDFService defaultRdfService;
+
+    public VitroRequestStub(HttpServletRequest _req) {
+        super(_req);
+    }
+
+    @Override
+    public RDFService getRDFService() {
+        return defaultRdfService;
+    }
+
+    public void setRDFService(RDFService rdfService) {
+        this.defaultRdfService = rdfService;
+    }
+}
diff --git a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/SparqlQueryDataGetterTest.java b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/SparqlQueryDataGetterTest.java
index a02516e1d4..5b26535223 100644
--- a/api/src/test/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/SparqlQueryDataGetterTest.java
+++ b/api/src/test/java/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/SparqlQueryDataGetterTest.java
@@ -3,85 +3,176 @@
 
 import java.io.InputStream;
 import java.lang.reflect.InvocationTargetException;
-import java.util.Collections;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
-import org.apache.log4j.Level;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-
-import stubs.javax.servlet.http.HttpServletRequestStub;
-
+import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
+import edu.cornell.mannlib.vitro.webapp.controller.VitroRequestStub;
+import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
+import edu.cornell.mannlib.vitro.webapp.dao.jena.SimpleOntModelSelector;
+import edu.cornell.mannlib.vitro.webapp.dao.jena.WebappDaoFactoryJena;
+import edu.cornell.mannlib.vitro.webapp.rdfservice.adapters.VitroModelFactory;
+import edu.cornell.mannlib.vitro.webapp.rdfservice.impl.jena.model.RDFServiceModel;
 import org.apache.jena.ontology.OntModel;
 import org.apache.jena.ontology.OntModelSpec;
-import org.apache.jena.rdf.model.Model;
 import org.apache.jena.rdf.model.ModelFactory;
+import org.apache.jena.rdf.model.Resource;
 import org.apache.jena.rdf.model.ResourceFactory;
+import org.apache.jena.rdf.model.impl.PropertyImpl;
 import org.apache.jena.rdf.model.impl.RDFDefaultErrorHandler;
 import org.apache.jena.vocabulary.RDF;
+import org.apache.log4j.Level;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import stubs.javax.servlet.http.HttpServletRequestStub;
 
-import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
-import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
-import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
-import edu.cornell.mannlib.vitro.webapp.dao.jena.SimpleOntModelSelector;
-import edu.cornell.mannlib.vitro.webapp.dao.jena.WebappDaoFactoryJena;
+public class SparqlQueryDataGetterTest extends AbstractTestClass {
 
-public class SparqlQueryDataGetterTest extends AbstractTestClass{
+    private static final PropertyImpl HAS_ID = new PropertyImpl("test:has-id");
+    private static final String VAR_PARAM = "param";
+    private static final String PERSON_TYPE = "http://xmlns.com/foaf/0.1/Person";
+    private static final String PREFIX = "http://vitro.mannlib.cornell.edu/ontologies/display/1.1#";
+    private static final String BOB_URI = "http://example.com/p/bob";
+    private static final Resource BOB = ResourceFactory.createResource(BOB_URI);
+    private static final String ALICE_URI = "http://example.com/p/alice";
+    private static final Resource ALICE = ResourceFactory.createResource(ALICE_URI);
 
     OntModel displayModel;
-    String testDataGetterURI_1 = "http://vitro.mannlib.cornell.edu/ontologies/display/1.1#query1data";
+    String testDataGetterURI_1 = "query1data";
     WebappDaoFactory wdf;
-    VitroRequest vreq;
+    VitroRequestStub vreq;
+    private Map<String, Object> params;
+    private OntModel dataModel;
 
     @Before
     public void setUp() {
         // Suppress error logging.
         setLoggerLevel(RDFDefaultErrorHandler.class, Level.OFF);
 
-        OntModel model = ModelFactory.createOntologyModel( OntModelSpec.OWL_MEM);
+        OntModel model = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM);
         InputStream in = SparqlQueryDataGetterTest.class.getResourceAsStream("resources/dataGetterTest.n3");
-        model.read(in,"","N3");
-        displayModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_DL_MEM,model);
+        model.read(in, "", "N3");
+        displayModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_DL_MEM, model);
 
-        SimpleOntModelSelector sos = new SimpleOntModelSelector( ModelFactory.createOntologyModel(OntModelSpec.OWL_DL_MEM));
+        SimpleOntModelSelector sos =
+                new SimpleOntModelSelector(ModelFactory.createOntologyModel(OntModelSpec.OWL_DL_MEM));
         sos.setDisplayModel(displayModel);
         wdf = new WebappDaoFactoryJena(sos);
+        vreq = new VitroRequestStub(new HttpServletRequestStub());
+        params = new HashMap<>();
+        dataModel = VitroModelFactory.createOntologyModel();
+    }
+
+    @Test
+    public void testBasicGetData() throws Exception {
+        SparqlQueryDataGetter sdg = getDataGetter(testDataGetterURI_1);
+        dataModel.add(BOB, RDF.type, ResourceFactory.createResource(PERSON_TYPE));
+        Map<String, Object> data = sdg.doQueryOnModel(sdg.queryText, dataModel);
+        checkData(data);
+    }
 
-        vreq = new VitroRequest(new HttpServletRequestStub());
+    @Test
+    public void testDataGetterWithUriParam() throws Exception {
+        SparqlQueryDataGetter sdg = getDataGetter("dataGetterUriParam");
+        dataModel.add(BOB, RDF.type, ResourceFactory.createResource(PERSON_TYPE));
+        dataModel.add(ALICE, RDF.type, ResourceFactory.createResource("http://xmlns.com/foaf/0.1/Agent"));
+        vreq.setRDFService(new RDFServiceModel(dataModel));
+        params.put(VAR_PARAM, PERSON_TYPE);
+        Map<String, Object> data = sdg.getData(params);
+        checkData(data);
     }
 
     @Test
-    public void testBasicGetData() throws IllegalArgumentException, SecurityException, InstantiationException, IllegalAccessException, ClassNotFoundException, InvocationTargetException, NoSuchMethodException {
-        DataGetter dg = DataGetterUtils.dataGetterForURI(vreq, displayModel, testDataGetterURI_1);
-        Assert.assertNotNull(dg);
-        Assert.assertTrue(
-                "DataGetter should be of type " + SparqlQueryDataGetter.class.getName(),
-                dg instanceof SparqlQueryDataGetter);
+    public void testDataGetterWithStringParam() throws Exception {
+        SparqlQueryDataGetter sdg = getDataGetter("dataGetterStringParam");
+        dataModel.add(BOB, HAS_ID, dataModel.createTypedLiteral("profile"));
+        dataModel.add(ALICE, HAS_ID, dataModel.createTypedLiteral("car"));
+        vreq.setRDFService(new RDFServiceModel(dataModel));
+        params.put(VAR_PARAM, "profile");
+        Map<String, Object> data = sdg.getData(params);
+        checkData(data);
+    }
 
-        SparqlQueryDataGetter sdg = (SparqlQueryDataGetter)dg;
+    @Test
+    public void testDataGetterWithIntParam() throws Exception {
+        SparqlQueryDataGetter sdg = getDataGetter("dataGetterIntParam");
+        dataModel.add(BOB, HAS_ID, dataModel.createTypedLiteral(1));
+        dataModel.add(ALICE, HAS_ID, dataModel.createTypedLiteral(2));
+        vreq.setRDFService(new RDFServiceModel(dataModel));
+        params.put(VAR_PARAM, "1");
+        Map<String, Object> data = sdg.getData(params);
+        checkData(data);
+    }
 
+    @Test
+    public void testDataGetterWithLongParam() throws Exception {
+        SparqlQueryDataGetter sdg = getDataGetter("dataGetterLongParam");
+        dataModel.add(BOB, HAS_ID, dataModel.createTypedLiteral(1L));
+        dataModel.add(ALICE, HAS_ID, dataModel.createTypedLiteral(2L));
+        vreq.setRDFService(new RDFServiceModel(dataModel));
+        params.put(VAR_PARAM, "1");
+        Map<String, Object> data = sdg.getData(params);
+        checkData(data);
+    }
 
-        Model dataModel = ModelFactory.createDefaultModel();
-        String bobURI = "http://example.com/p/bob";
-        dataModel.add(ResourceFactory.createResource(bobURI), RDF.type, ResourceFactory.createResource("http://xmlns.com/foaf/0.1/Person"));
+    @Test
+    public void testDataGetterWithFloatParam() throws Exception {
+        SparqlQueryDataGetter sdg = getDataGetter("dataGetterFloatParam");
+        Float value = 1.1f;
+        dataModel.add(BOB, HAS_ID, dataModel.createTypedLiteral(value));
+        dataModel.add(ALICE, HAS_ID, dataModel.createTypedLiteral(1.2f));
+        vreq.setRDFService(new RDFServiceModel(dataModel));
+        params.put(VAR_PARAM, value.toString());
+        Map<String, Object> data = sdg.getData(params);
+        checkData(data);
+    }
 
-        Map<String, String> params = Collections.emptyMap();
+    @Test
+    public void testDataGetterWithDoubleParam() throws Exception {
+        SparqlQueryDataGetter sdg = getDataGetter("dataGetterDoubleParam");
+        Double value = 1.1d;
+        dataModel.add(BOB, HAS_ID, dataModel.createTypedLiteral(value));
+        dataModel.add(ALICE, HAS_ID, dataModel.createTypedLiteral(1.2d));
+        vreq.setRDFService(new RDFServiceModel(dataModel));
+        params.put(VAR_PARAM, value.toString());
+        Map<String, Object> data = sdg.getData(params);
+        checkData(data);
+    }
 
-        Map<String,Object> mapOut = sdg.doQueryOnModel(sdg.queryText, dataModel);
+    @Test
+    public void testDataGetterWithBooleanParam() throws Exception {
+        SparqlQueryDataGetter sdg = getDataGetter("dataGetterBooleanParam");
+        Boolean value = true;
+        dataModel.add(BOB, HAS_ID, dataModel.createTypedLiteral(value));
+        dataModel.add(ALICE, HAS_ID, dataModel.createTypedLiteral(!value));
+        vreq.setRDFService(new RDFServiceModel(dataModel));
+        params.put(VAR_PARAM, value.toString());
+        Map<String, Object> data = sdg.getData(params);
+        checkData(data);
+    }
 
-        Assert.assertNotNull(mapOut);
-        Assert.assertTrue("should contain key people" , mapOut.containsKey("people"));
+    private SparqlQueryDataGetter getDataGetter(String dataGetterName)
+            throws InstantiationException, IllegalAccessException, ClassNotFoundException, InvocationTargetException {
+        DataGetter dg = DataGetterUtils.dataGetterForURI(vreq, displayModel, PREFIX + dataGetterName);
+        Assert.assertNotNull(dg);
+        Assert.assertTrue("DataGetter should be of type " + SparqlQueryDataGetter.class.getName(),
+                dg instanceof SparqlQueryDataGetter);
+        SparqlQueryDataGetter sdg = (SparqlQueryDataGetter) dg;
+        return sdg;
+    }
 
-        Object obj = mapOut.get("people");
+    private void checkData(Map<String, Object> data) {
+        Assert.assertNotNull(data);
+        Assert.assertTrue("should contain key people", data.containsKey("people"));
+        Object obj = data.get("people");
         Assert.assertTrue("people should be a List, it is " + obj.getClass().getName(), obj instanceof List);
-        List people = (List)obj;
-
+        @SuppressWarnings("rawtypes")
+        List people = (List) obj;
         Assert.assertEquals(1, people.size());
-
-        Map<String,String> first = (Map<String, String>) people.get(0);
-        Assert.assertEquals(bobURI, first.get("uri"));
+        @SuppressWarnings("unchecked")
+        Map<String, String> first = (Map<String, String>) people.get(0);
+        Assert.assertEquals(BOB_URI, first.get("uri"));
     }
-
 }
diff --git a/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/hide_entities_value_set.n3 b/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/hide_entities_value_set.n3
new file mode 100644
index 0000000000..4895f3c7a3
--- /dev/null
+++ b/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/hide_entities_value_set.n3
@@ -0,0 +1,13 @@
+# $This file is distributed under the terms of the license in LICENSE$
+
+@prefix access: <https://vivoweb.org/ontology/vitro-application/auth/vocabulary/> .
+@prefix : <https://vivoweb.org/ontology/vitro-application/auth/individual/hide-not-related-property/> .
+
+:SelfEditorHideNotRelatedObjectPropertyValueSet access:value <http://vivoweb.org/ontology/core#hasCollaborator> .
+
+:SelfEditorHideNotRelatedFauxObjectPropertyValueSet access:value <http://vitro.mannlib.cornell.edu/ns/vitro/siteConfig/hasResearcherRoleConfig> .
+
+:SelfEditorHideNotRelatedDataPropertyValueSet access:value <http://www.w3.org/2000/01/rdf-schema#label> .
+
+:SelfEditorHideNotRelatedFauxDataPropertyValueSet access:value <http://vitro.mannlib.cornell.edu/ns/vitro/siteConfig/fp4181> .
+
diff --git a/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/policy_values.n3 b/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/policy_values.n3
new file mode 100644
index 0000000000..6e7dafd2dd
--- /dev/null
+++ b/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/policy_values.n3
@@ -0,0 +1,22 @@
+# $This file is distributed under the terms of the license in LICENSE$
+
+@prefix access-individual: <https://vivoweb.org/ontology/vitro-application/auth/individual/> .
+@prefix access: <https://vivoweb.org/ontology/vitro-application/auth/vocabulary/> .
+@prefix : <https://vivoweb.org/ontology/vitro-application/auth/individual/policy-values-test/> .
+
+:Policy a access:Policy ;
+    access:priority 100 ;
+    access:hasRule :TestRule .
+
+:TestRule a access:Rule;
+    access:requiresCheck :OperationCheck ;
+    .
+
+:OperationCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:Operation ;
+    access:values access-individual:DisplayOperationValueSet ;
+    .
+
+
+
diff --git a/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/proximity_test_policy.n3 b/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/proximity_test_policy.n3
index 465610f253..e5d8966c81 100644
--- a/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/proximity_test_policy.n3
+++ b/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/proximity_test_policy.n3
@@ -22,6 +22,6 @@ access-individual:PublicationInProximityAttribute rdf:type access:Check ;
 access-individual:PublicationProximityToPerson rdf:type access:ValueSet ;
     access:id """
     SELECT ?resourceUri WHERE {
-              ?personUri <test:has_publication> ?resourceUri .
+              ?profileUri <test:has_publication> ?resourceUri .
     }
     """ .
diff --git a/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/suppress_display_test_data.n3 b/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/suppress_display_test_data.n3
new file mode 100644
index 0000000000..8dbf89b88a
--- /dev/null
+++ b/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/auth/rules/suppress_display_test_data.n3
@@ -0,0 +1,4 @@
+# $This file is distributed under the terms of the license in LICENSE$
+
+<test:alice> <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <test:person> .
+
diff --git a/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/resources/dataGetterTest.n3 b/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/resources/dataGetterTest.n3
index e9d84d4ccf..98930cf8a1 100644
--- a/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/resources/dataGetterTest.n3
+++ b/api/src/test/resources/edu/cornell/mannlib/vitro/webapp/utils/dataGetter/resources/dataGetterTest.n3
@@ -19,6 +19,44 @@ display:query1data
     display:query "SELECT * WHERE { ?uri a <http://xmlns.com/foaf/0.1/Person> } " ;
     display:saveToVar "people" .
 
+display:dataGetterUriParam
+    a <java:edu.cornell.mannlib.vitro.webapp.utils.dataGetter.SparqlQueryDataGetter>;
+    display:uri "param" ;
+    display:query "SELECT * WHERE { ?uri a ?param } " ;
+    display:saveToVar "people" .
+    
+display:dataGetterStringParam
+    a <java:edu.cornell.mannlib.vitro.webapp.utils.dataGetter.SparqlQueryDataGetter>;
+    display:string "param" ;
+    display:query "SELECT * WHERE { ?uri <test:has-id> ?param } " ;
+    display:saveToVar "people" .
+    
+display:dataGetterIntParam
+    a <java:edu.cornell.mannlib.vitro.webapp.utils.dataGetter.SparqlQueryDataGetter>;
+    display:int "param" ;
+    display:query "SELECT * WHERE { ?uri <test:has-id> ?param } " ;
+    display:saveToVar "people" .
+    
+display:dataGetterLongParam
+    a <java:edu.cornell.mannlib.vitro.webapp.utils.dataGetter.SparqlQueryDataGetter>;
+    display:long "param" ;
+    display:query "SELECT * WHERE { ?uri <test:has-id> ?param } " ;
+    display:saveToVar "people" .
 
+display:dataGetterFloatParam
+    a <java:edu.cornell.mannlib.vitro.webapp.utils.dataGetter.SparqlQueryDataGetter>;
+    display:float "param" ;
+    display:query "SELECT * WHERE { ?uri <test:has-id> ?param } " ;
+    display:saveToVar "people" .
+    
+display:dataGetterDoubleParam
+    a <java:edu.cornell.mannlib.vitro.webapp.utils.dataGetter.SparqlQueryDataGetter>;
+    display:double "param" ;
+    display:query "SELECT * WHERE { ?uri <test:has-id> ?param } " ;
+    display:saveToVar "people" .
 
-
+display:dataGetterBooleanParam
+    a <java:edu.cornell.mannlib.vitro.webapp.utils.dataGetter.SparqlQueryDataGetter>;
+    display:boolean "param" ;
+    display:query "SELECT * WHERE { ?uri <test:has-id> ?param } " ;
+    display:saveToVar "people" .
diff --git a/checkstyle-suppressions.xml b/checkstyle-suppressions.xml
index 9cbcfecd2f..61524db233 100644
--- a/checkstyle-suppressions.xml
+++ b/checkstyle-suppressions.xml
@@ -1237,7 +1237,6 @@
     <suppress files="src[\\/]test[\\/]java[\\/]edu[\\/]cornell[\\/]mannlib[\\/]vitro[\\/]webapp[\\/]utils[\\/]configuration[\\/]ConfigurationBeanLoader_PropertyTest\.java" checks="."/>
     <suppress files="src[\\/]test[\\/]java[\\/]edu[\\/]cornell[\\/]mannlib[\\/]vitro[\\/]webapp[\\/]utils[\\/]configuration[\\/]ConfigurationBeanLoader_ValidationTest\.java" checks="."/>
     <suppress files="src[\\/]test[\\/]java[\\/]edu[\\/]cornell[\\/]mannlib[\\/]vitro[\\/]webapp[\\/]utils[\\/]dataGetter[\\/]DataGetterUtilsTest\.java" checks="."/>
-    <suppress files="src[\\/]test[\\/]java[\\/]edu[\\/]cornell[\\/]mannlib[\\/]vitro[\\/]webapp[\\/]utils[\\/]dataGetter[\\/]SparqlQueryDataGetterTest\.java" checks="."/>
     <suppress files="src[\\/]test[\\/]java[\\/]edu[\\/]cornell[\\/]mannlib[\\/]vitro[\\/]webapp[\\/]utils[\\/]http[\\/]ContentTypeUtilTest\.java" checks="."/>
     <suppress files="src[\\/]test[\\/]java[\\/]edu[\\/]cornell[\\/]mannlib[\\/]vitro[\\/]webapp[\\/]utils[\\/]ingest[\\/]JenaIngestUtilsTest\.java" checks="."/>
     <suppress files="src[\\/]test[\\/]java[\\/]edu[\\/]cornell[\\/]mannlib[\\/]vitro[\\/]webapp[\\/]utils[\\/]jena[\\/]JenaIngestUtilsTest\.java" checks="."/>
@@ -1295,4 +1294,4 @@
     <suppress files="src[\\/]test[\\/]java[\\/]stubs[\\/]javax[\\/]servlet[\\/]http[\\/]HttpSessionStub\.java" checks="."/>
     <suppress files="src[\\/]test[\\/]java[\\/]stubs[\\/]org[\\/]apache[\\/]jena[\\/]rdf[\\/]model[\\/]LiteralStub\.java" checks="."/>
     <suppress files="src[\\/]test[\\/]java[\\/]stubs[\\/]org[\\/]apache[\\/]jena[\\/]rdf[\\/]model[\\/]ModelMaker[\\/]ModelMakerStub\.java" checks="."/>
-</suppressions>
\ No newline at end of file
+</suppressions>
diff --git a/home/src/main/resources/rdf/accessControl/firsttime/named_key_components.n3 b/home/src/main/resources/rdf/accessControl/firsttime/named_key_components.n3
new file mode 100644
index 0000000000..a59f6b0f1a
--- /dev/null
+++ b/home/src/main/resources/rdf/accessControl/firsttime/named_key_components.n3
@@ -0,0 +1,13 @@
+# $This file is distributed under the terms of the license in LICENSE$
+
+@prefix access-individual: <https://vivoweb.org/ontology/vitro-application/auth/individual/> .
+@prefix access: <https://vivoweb.org/ontology/vitro-application/auth/vocabulary/> .
+
+access-individual:SuppressionByUri a access:NamedKeyComponent ;
+    access:id "SUPPRESSION_BY_URI" .
+
+access-individual:SuppressionByType a access:NamedKeyComponent ;
+    access:id "SUPPRESSION_BY_TYPE" .
+
+access-individual:NotRelated a access:NamedKeyComponent ;
+    access:id "NOT_RELATED" .
diff --git a/home/src/main/resources/rdf/accessControl/firsttime/object_types.n3 b/home/src/main/resources/rdf/accessControl/firsttime/object_types.n3
index 1e7a953583..3e103594fe 100644
--- a/home/src/main/resources/rdf/accessControl/firsttime/object_types.n3
+++ b/home/src/main/resources/rdf/accessControl/firsttime/object_types.n3
@@ -33,6 +33,9 @@ access-individual:Class a access:ObjectType ;
 access-individual:NamedObject a access:ObjectType ;
     access:id "NAMED_OBJECT" .
 
+access-individual:IndividualAccessObject a access:ObjectType ;
+    access:id "INDIVIDUAL" .
+
 #Object type value containers
 
 access-individual:ObjectPropertyValueSet a access:ValueSet ;
@@ -61,3 +64,6 @@ access-individual:FauxDataPropertyStatementValueSet a access:ValueSet ;
 
 access-individual:ClassValueSet a access:ValueSet ;
     access:value access-individual:Class .
+
+access-individual:IndividualValueSet a access:ValueSet ;
+    access:value access-individual:IndividualAccessObject .
diff --git a/home/src/main/resources/rdf/accessControl/firsttime/policy_allow_display_individual_page.n3 b/home/src/main/resources/rdf/accessControl/firsttime/policy_allow_display_individual_page.n3
new file mode 100644
index 0000000000..5041be2849
--- /dev/null
+++ b/home/src/main/resources/rdf/accessControl/firsttime/policy_allow_display_individual_page.n3
@@ -0,0 +1,27 @@
+# $This file is distributed under the terms of the license in LICENSE$
+
+@prefix access-individual: <https://vivoweb.org/ontology/vitro-application/auth/individual/> .
+@prefix access: <https://vivoweb.org/ontology/vitro-application/auth/vocabulary/> .
+@prefix : <https://vivoweb.org/ontology/vitro-application/auth/individual/allow-display-individual-page/> .
+
+:Policy a access:Policy ;
+    access:priority 1000 ;
+    access:hasRule :AllowDisplayIndividualPages .
+
+:AllowDisplayIndividualPages a access:Rule;
+    access:requiresCheck :OperationCheck ;
+    access:requiresCheck :AccessObjectTypeCheck ;
+    .
+
+:OperationCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:Operation ;
+    access:values access-individual:DisplayOperationValueSet ;
+    .
+
+:AccessObjectTypeCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:AccessObjectType ;
+    access:value access-individual:IndividualAccessObject ;
+    .
+
diff --git a/home/src/main/resources/rdf/accessControl/firsttime/profile_proximity_query.n3 b/home/src/main/resources/rdf/accessControl/firsttime/profile_proximity_query.n3
index f1e67b43e7..68bf924349 100644
--- a/home/src/main/resources/rdf/accessControl/firsttime/profile_proximity_query.n3
+++ b/home/src/main/resources/rdf/accessControl/firsttime/profile_proximity_query.n3
@@ -6,7 +6,7 @@
 access-individual:PersonProfileProximityToResourceUri a access:SparqlSelectValuesQuery ;
     access:id """
     SELECT ?resourceUri WHERE {
-          BIND ( ?personUri as ?resourceUri)
+          BIND ( ?profileUri as ?resourceUri)
     }
     """ .
 
diff --git a/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_individual_page_by_type.n3 b/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_individual_page_by_type.n3
new file mode 100644
index 0000000000..0a90b4ffc6
--- /dev/null
+++ b/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_individual_page_by_type.n3
@@ -0,0 +1,188 @@
+# $This file is distributed under the terms of the license in LICENSE$
+
+@prefix auth: <http://vitro.mannlib.cornell.edu/ns/vitro/authorization#> .
+@prefix access-individual: <https://vivoweb.org/ontology/vitro-application/auth/individual/> .
+@prefix access: <https://vivoweb.org/ontology/vitro-application/auth/vocabulary/> .
+@prefix : <https://vivoweb.org/ontology/vitro-application/auth/individual/suppress-display-individual-page-by-type/> .
+
+:PolicyTemplate a access:PolicyTemplate ;
+    access:priority 1500 ;
+    access:hasRule :SuppressMatchingUri ;
+    access:hasDataSet :PublicDisplaySuppressionDataSet ;
+    access:hasDataSet :SelfEditorDisplaySuppressionDataSet ;
+    access:hasDataSet :EditorDisplaySuppressionDataSet ;
+    access:hasDataSet :CuratorDisplaySuppressionDataSet ;
+    access:hasDataSet :AdminDisplaySuppressionDataSet ;
+    access:hasDataSetTemplate :RoleDisplaySuppressionDataSetTemplate ;
+    .
+
+#Role Display data set template
+
+:RoleDisplaySuppressionDataSetTemplate a access:DataSetTemplate ;
+    access:hasDataSetTemplateKey :RoleDisplaySuppressionDataSetTemplateKey ;
+    access:hasDataSetKeyTemplate :RoleDisplaySuppressionDataSetKeyTemplate ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:dataSetValueTemplate :RoleDisplayRoleValueSetTemplate ;
+    access:dataSetValueTemplate :RoleDisplayValueSetTemplate .  
+
+:RoleDisplaySuppressionDataSetTemplateKey a access:DataSetTemplateKey ;
+    access:hasTemplateKeyComponent access-individual:SubjectRole .
+
+:RoleDisplaySuppressionDataSetKeyTemplate a access:DataSetKeyTemplate ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:DisplayOperation ;
+    access:hasKeyComponent access-individual:SuppressionByType ;
+    access:hasKeyComponentTemplate access-individual:SubjectRole .
+
+:RoleDisplayRoleValueSetTemplate a access:ValueSetTemplate ;
+    access:relatedCheck :SubjectRoleCheck;
+    access:containsElementsOfType access-individual:SubjectRole .
+
+:RoleDisplayValueSetTemplate a access:ValueSetTemplate ;
+    access:relatedCheck :AccessObjectClassCheck ;
+#    access:value access-individual:defaultUri ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
+### Public display uri data sets
+
+:PublicDisplaySuppressionDataSet a access:DataSet ;
+    access:hasDataSetKey :PublicDisplaySuppressionDataSetKey ;
+    access:hasRelatedValueSet access-individual:PublicRoleValueSet ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :PublicDisplayValueSet .
+
+:PublicDisplaySuppressionDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:PublicRoleUri ;
+    access:hasKeyComponent access-individual:SuppressionByType ;
+    access:hasKeyComponent access-individual:DisplayOperation .
+
+### SelfEditor display uri data sets
+
+:SelfEditorDisplaySuppressionDataSet a access:DataSet ;
+    access:hasDataSetKey :SelfEditorDisplaySuppressionDataSetKey ;
+    access:hasRelatedValueSet access-individual:SelfEditorRoleValueSet ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :SelfEditorDisplayValueSet .
+
+:SelfEditorDisplaySuppressionDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:SelfEditorRoleUri ;
+    access:hasKeyComponent access-individual:SuppressionByType ;
+    access:hasKeyComponent access-individual:DisplayOperation .
+
+### Editor display uri data sets
+
+:EditorDisplaySuppressionDataSet a access:DataSet ;
+    access:hasDataSetKey :EditorDisplaySuppressionDataSetKey ;
+    access:hasRelatedValueSet access-individual:EditorRoleValueSet ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :EditorDisplayValueSet .
+
+:EditorDisplaySuppressionDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:EditorRoleUri ;
+    access:hasKeyComponent access-individual:SuppressionByType ;
+    access:hasKeyComponent access-individual:DisplayOperation .
+
+### Curator display uri data sets
+
+:CuratorDisplaySuppressionDataSet a access:DataSet ;
+    access:hasDataSetKey :CuratorDisplaySuppressionDataSetKey ;
+    access:hasRelatedValueSet access-individual:CuratorRoleValueSet ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :CuratorDisplayValueSet .
+
+:CuratorDisplaySuppressionDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:CuratorRoleUri ;
+    access:hasKeyComponent access-individual:SuppressionByType ;
+    access:hasKeyComponent access-individual:DisplayOperation .
+
+### Admin display uri data sets
+
+:AdminDisplaySuppressionDataSet a access:DataSet ;
+    access:hasDataSetKey :AdminDisplaySuppressionDataSetKey ;
+    access:hasRelatedValueSet access-individual:AdminRoleValueSet ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :AdminDisplayValueSet .
+
+:AdminDisplaySuppressionDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:AdminRoleUri ;
+    access:hasKeyComponent access-individual:SuppressionByType ;
+    access:hasKeyComponent access-individual:DisplayOperation .
+
+### Rule
+
+:SuppressMatchingUri a access:Rule;
+    access:hasDecision access-individual:Deny ;
+    access:requiresCheck :SubjectRoleCheck ;
+    access:requiresCheck :OperationCheck ;
+    access:requiresCheck :AccessObjectTypeCheck ;
+    access:requiresCheck :AccessObjectClassCheck .
+
+### Checks
+
+:AccessObjectTypeCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:AccessObjectType ;
+    access:values access-individual:IndividualValueSet ;
+    .
+
+:OperationCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:Operation ;
+    access:values access-individual:DisplayOperationValueSet ;
+    .
+
+:SubjectRoleCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:SubjectRole ;
+    access:values access-individual:PublicRoleValueSet ;
+    access:values access-individual:SelfEditorRoleValueSet ;
+    access:values access-individual:EditorRoleValueSet ;
+    access:values access-individual:CuratorRoleValueSet ;
+    access:values access-individual:AdminRoleValueSet .
+
+:AccessObjectClassCheck a access:Check ;
+    access:useOperator access-individual:SparqlSelectQueryResultsContain ;
+    access:useConfiguration :IndividualTypeQuery ;
+    access:hasTypeToCheck access-individual:AccessObjectUri ;
+    access:values :AdminDisplayValueSet ;
+    access:values :CuratorDisplayValueSet ;
+    access:values :EditorDisplayValueSet ;
+    access:values :PublicDisplayValueSet ;
+    access:values :SelfEditorDisplayValueSet ;
+    .
+
+:IndividualTypeQuery a access:SparqlSelectValuesQuery ;
+    access:id """
+		SELECT ?type WHERE {
+		    ?objectUri <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> ?type .
+		}
+    """ .
+
+###Value sets
+
+:AdminDisplayValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
+:CuratorDisplayValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
+:EditorDisplayValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
+:SelfEditorDisplayValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
+:PublicDisplayValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
diff --git a/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_individual_page_by_uri.n3 b/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_individual_page_by_uri.n3
new file mode 100644
index 0000000000..3ebca99dcb
--- /dev/null
+++ b/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_individual_page_by_uri.n3
@@ -0,0 +1,180 @@
+# $This file is distributed under the terms of the license in LICENSE$
+
+@prefix auth: <http://vitro.mannlib.cornell.edu/ns/vitro/authorization#> .
+@prefix access-individual: <https://vivoweb.org/ontology/vitro-application/auth/individual/> .
+@prefix access: <https://vivoweb.org/ontology/vitro-application/auth/vocabulary/> .
+@prefix : <https://vivoweb.org/ontology/vitro-application/auth/individual/suppress-display-individual-page-by-uri/> .
+
+:PolicyTemplate a access:PolicyTemplate ;
+    access:priority 2000 ;
+    access:hasRule :SuppressMatchingUri ;
+    access:hasDataSet :PublicDisplaySuppressionDataSet ;
+    access:hasDataSet :SelfEditorDisplaySuppressionDataSet ;
+    access:hasDataSet :EditorDisplaySuppressionDataSet ;
+    access:hasDataSet :CuratorDisplaySuppressionDataSet ;
+    access:hasDataSet :AdminDisplaySuppressionDataSet ;
+    access:hasDataSetTemplate :RoleDisplaySuppressionDataSetTemplate ;
+    .
+
+#Role Display data set template
+
+:RoleDisplaySuppressionDataSetTemplate a access:DataSetTemplate ;
+    access:hasDataSetTemplateKey :RoleDisplaySuppressionDataSetTemplateKey ;
+    access:hasDataSetKeyTemplate :RoleDisplaySuppressionDataSetKeyTemplate ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:dataSetValueTemplate :RoleDisplayRoleValueSetTemplate ;
+    access:dataSetValueTemplate :RoleDisplayValueSetTemplate .  
+
+:RoleDisplaySuppressionDataSetTemplateKey a access:DataSetTemplateKey ;
+    access:hasTemplateKeyComponent access-individual:SubjectRole .
+
+:RoleDisplaySuppressionDataSetKeyTemplate a access:DataSetKeyTemplate ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:DisplayOperation ;
+    access:hasKeyComponent access-individual:SuppressionByUri ;
+    access:hasKeyComponentTemplate access-individual:SubjectRole .
+
+:RoleDisplayRoleValueSetTemplate a access:ValueSetTemplate ;
+    access:relatedCheck :SubjectRoleCheck;
+    access:containsElementsOfType access-individual:SubjectRole .
+
+:RoleDisplayValueSetTemplate a access:ValueSetTemplate ;
+    access:relatedCheck :AccessObjectUriCheck ;
+#    access:value access-individual:defaultUri ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
+### Public display uri data sets
+
+:PublicDisplaySuppressionDataSet a access:DataSet ;
+    access:hasDataSetKey :PublicDisplaySuppressionDataSetKey ;
+    access:hasRelatedValueSet access-individual:PublicRoleValueSet ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :PublicDisplayValueSet .
+
+:PublicDisplaySuppressionDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:PublicRoleUri ;
+    access:hasKeyComponent access-individual:SuppressionByUri ;
+    access:hasKeyComponent access-individual:DisplayOperation .
+
+### SelfEditor display uri data sets
+
+:SelfEditorDisplaySuppressionDataSet a access:DataSet ;
+    access:hasDataSetKey :SelfEditorDisplaySuppressionDataSetKey ;
+    access:hasRelatedValueSet access-individual:SelfEditorRoleValueSet ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :SelfEditorDisplayValueSet .
+
+:SelfEditorDisplaySuppressionDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:SelfEditorRoleUri ;
+    access:hasKeyComponent access-individual:SuppressionByUri ;
+    access:hasKeyComponent access-individual:DisplayOperation .
+
+### Editor display uri data sets
+
+:EditorDisplaySuppressionDataSet a access:DataSet ;
+    access:hasDataSetKey :EditorDisplaySuppressionDataSetKey ;
+    access:hasRelatedValueSet access-individual:EditorRoleValueSet ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :EditorDisplayValueSet .
+
+:EditorDisplaySuppressionDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:EditorRoleUri ;
+    access:hasKeyComponent access-individual:SuppressionByUri ;
+    access:hasKeyComponent access-individual:DisplayOperation .
+
+### Curator display uri data sets
+
+:CuratorDisplaySuppressionDataSet a access:DataSet ;
+    access:hasDataSetKey :CuratorDisplaySuppressionDataSetKey ;
+    access:hasRelatedValueSet access-individual:CuratorRoleValueSet ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :CuratorDisplayValueSet .
+
+:CuratorDisplaySuppressionDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:CuratorRoleUri ;
+    access:hasKeyComponent access-individual:SuppressionByUri ;
+    access:hasKeyComponent access-individual:DisplayOperation .
+
+### Admin display uri data sets
+
+:AdminDisplaySuppressionDataSet a access:DataSet ;
+    access:hasDataSetKey :AdminDisplaySuppressionDataSetKey ;
+    access:hasRelatedValueSet access-individual:AdminRoleValueSet ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :AdminDisplayValueSet .
+
+:AdminDisplaySuppressionDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:AdminRoleUri ;
+    access:hasKeyComponent access-individual:SuppressionByUri ;
+    access:hasKeyComponent access-individual:DisplayOperation .
+
+### Rule
+
+:SuppressMatchingUri a access:Rule;
+    access:hasDecision access-individual:Deny ;
+    access:requiresCheck :SubjectRoleCheck ;
+    access:requiresCheck :OperationCheck ;
+    access:requiresCheck :AccessObjectTypeCheck ;
+    access:requiresCheck :AccessObjectUriCheck .
+
+### Checks
+
+:AccessObjectTypeCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:AccessObjectType ;
+    access:values access-individual:IndividualValueSet ;
+    .
+
+:OperationCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:Operation ;
+    access:values access-individual:DisplayOperationValueSet ;
+    .
+
+:SubjectRoleCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:SubjectRole ;
+    access:values access-individual:PublicRoleValueSet ;
+    access:values access-individual:SelfEditorRoleValueSet ;
+    access:values access-individual:EditorRoleValueSet ;
+    access:values access-individual:CuratorRoleValueSet ;
+    access:values access-individual:AdminRoleValueSet .
+
+:AccessObjectUriCheck a access:Check ;
+    access:useOperator access-individual:OneOf ;
+    access:hasTypeToCheck access-individual:AccessObjectUri ;
+    access:values :AdminDisplayValueSet ;
+    access:values :CuratorDisplayValueSet ;
+    access:values :EditorDisplayValueSet ;
+    access:values :PublicDisplayValueSet ;
+    access:values :SelfEditorDisplayValueSet ;
+    .
+
+###Value sets
+
+:AdminDisplayValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
+:CuratorDisplayValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
+:EditorDisplayValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
+:SelfEditorDisplayValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
+:PublicDisplayValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
diff --git a/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_not_related_individual_page_by_type.n3 b/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_not_related_individual_page_by_type.n3
new file mode 100644
index 0000000000..9b9e491940
--- /dev/null
+++ b/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_not_related_individual_page_by_type.n3
@@ -0,0 +1,84 @@
+# $This file is distributed under the terms of the license in LICENSE$
+
+@prefix auth: <http://vitro.mannlib.cornell.edu/ns/vitro/authorization#> .
+@prefix access-individual: <https://vivoweb.org/ontology/vitro-application/auth/individual/> .
+@prefix access: <https://vivoweb.org/ontology/vitro-application/auth/vocabulary/> .
+@prefix : <https://vivoweb.org/ontology/vitro-application/auth/individual/suppress-display-not-related-individual-page-by-type-/> .
+
+:PolicyTemplate a access:PolicyTemplate ;
+    access:priority 1500 ;
+    access:hasRule :SuppressMatchingUri ;
+    access:hasDataSet :SelfEditorDisplaySuppressionDataSet ;
+    .
+
+### SelfEditor display uri data sets
+
+:SelfEditorDisplaySuppressionDataSet a access:DataSet ;
+    access:hasDataSetKey :SelfEditorDisplaySuppressionDataSetKey ;
+    access:hasRelatedValueSet access-individual:SelfEditorRoleValueSet ;
+    access:hasRelatedValueSet access-individual:IndividualValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :SelfEditorDisplayValueSet .
+
+:SelfEditorDisplaySuppressionDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:IndividualAccessObject ;
+    access:hasKeyComponent access-individual:SelfEditorRoleUri ;
+    access:hasKeyComponent access-individual:SuppressionByType ;
+    access:hasKeyComponent access-individual:NotRelated ;
+    access:hasKeyComponent access-individual:DisplayOperation .
+
+### Rule
+
+:SuppressMatchingUri a access:Rule;
+    access:hasDecision access-individual:Deny ;
+    access:requiresCheck :SubjectRoleCheck ;
+    access:requiresCheck :OperationCheck ;
+    access:requiresCheck :AccessObjectTypeCheck ;
+    access:requiresCheck :RelationCheck ;
+    access:requiresCheck :AccessObjectClassCheck .
+
+### Checks
+
+:AccessObjectTypeCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:AccessObjectType ;
+    access:values access-individual:IndividualValueSet ;
+    .
+
+:OperationCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:Operation ;
+    access:values access-individual:DisplayOperationValueSet ;
+    .
+
+:SubjectRoleCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:SubjectRole ;
+    access:values access-individual:SelfEditorRoleValueSet .
+
+:AccessObjectClassCheck a access:Check ;
+    access:useOperator access-individual:SparqlSelectQueryResultsContain ;
+    access:useConfiguration :IndividualTypeQuery ;
+    access:hasTypeToCheck access-individual:AccessObjectUri ;
+    access:values :SelfEditorDisplayValueSet ;
+    .
+
+:RelationCheck a access:Check ;
+    access:useOperator access-individual:SparqlSelectQueryResultsNotContain ;
+    access:hasTypeToCheck access-individual:AccessObjectUri ;
+    access:value access-individual:PersonProfileProximityToResourceUri
+    .
+
+
+:IndividualTypeQuery a access:SparqlSelectValuesQuery ;
+    access:id """
+		SELECT ?type WHERE {
+		    ?objectUri <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> ?type .
+		}
+    """ .
+
+###Value sets
+
+:SelfEditorDisplayValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:IndividualAccessObject .
+
diff --git a/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_not_related_property_by_uri.n3 b/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_not_related_property_by_uri.n3
new file mode 100644
index 0000000000..8dfe664bce
--- /dev/null
+++ b/home/src/main/resources/rdf/accessControl/firsttime/template_suppress_display_not_related_property_by_uri.n3
@@ -0,0 +1,164 @@
+# $This file is distributed under the terms of the license in LICENSE$
+
+@prefix access-individual: <https://vivoweb.org/ontology/vitro-application/auth/individual/> .
+@prefix access: <https://vivoweb.org/ontology/vitro-application/auth/vocabulary/> .
+@prefix : <https://vivoweb.org/ontology/vitro-application/auth/individual/suppress-display-not-related-property/> .
+
+:PolicyTemplate a access:PolicyTemplate ;
+    access:priority 5000 ;
+    access:hasRule :SuppressDisplayPropertyStatementWithBlacklistedProperty ;
+    access:hasDataSet :SelfEditorObjectPropertyDataSet ;
+    access:hasDataSet :SelfEditorDataPropertyDataSet ;
+    access:hasDataSet :SelfEditorFauxObjectPropertyDataSet ;
+    access:hasDataSet :SelfEditorFauxDataPropertyDataSet ;
+    .
+
+### Suppress Display not related object property data sets
+
+#Object properties
+
+:SelfEditorObjectPropertyDataSet a access:DataSet ;
+    access:hasDataSetKey :SelfEditorObjectPropertyDataSetKey ;
+    access:hasRelatedValueSet access-individual:SelfEditorRoleValueSet ;
+    access:hasRelatedValueSet access-individual:ObjectPropertyStatementValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :SelfEditorObjectPropertyValueSet ;
+    .
+
+:SelfEditorObjectPropertyDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:ObjectProperty ;
+    access:hasKeyComponent access-individual:SelfEditorRoleUri ;
+    access:hasKeyComponent access-individual:DisplayOperation ;
+    access:hasKeyComponent access-individual:NotRelated ;
+    access:hasKeyComponent access-individual:SuppressionByUri ;
+    .
+
+#Data properties
+
+:SelfEditorDataPropertyDataSet a access:DataSet ;
+    access:hasDataSetKey :SelfEditorDataPropertyDataSetKey ;
+    access:hasRelatedValueSet access-individual:SelfEditorRoleValueSet ;
+    access:hasRelatedValueSet access-individual:DataPropertyStatementValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :SelfEditorDataPropertyValueSet ;
+    .
+
+:SelfEditorDataPropertyDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:DataProperty ;
+    access:hasKeyComponent access-individual:SelfEditorRoleUri ;
+    access:hasKeyComponent access-individual:DisplayOperation ;
+    access:hasKeyComponent access-individual:NotRelated ;
+    access:hasKeyComponent access-individual:SuppressionByUri ;
+    .
+
+#Faux object properties
+
+:SelfEditorFauxObjectPropertyDataSet a access:DataSet ;
+    access:hasDataSetKey :SelfEditorFauxObjectPropertyDataSetKey ;
+    access:hasRelatedValueSet access-individual:SelfEditorRoleValueSet ;
+    access:hasRelatedValueSet access-individual:FauxObjectPropertyStatementValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :SelfEditorFauxObjectPropertyValueSet ;
+    .
+
+:SelfEditorFauxObjectPropertyDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:FauxObjectProperty ;
+    access:hasKeyComponent access-individual:SelfEditorRoleUri ;
+    access:hasKeyComponent access-individual:DisplayOperation ;
+    access:hasKeyComponent access-individual:NotRelated ;
+    access:hasKeyComponent access-individual:SuppressionByUri ;
+    .
+
+#Faux data properties
+
+:SelfEditorFauxDataPropertyDataSet a access:DataSet ;
+    access:hasDataSetKey :SelfEditorFauxDataPropertyDataSetKey ;
+    access:hasRelatedValueSet access-individual:SelfEditorRoleValueSet ;
+    access:hasRelatedValueSet access-individual:FauxDataPropertyStatementValueSet ;
+    access:hasRelatedValueSet access-individual:DisplayOperationValueSet ;
+    access:hasRelatedValueSet :SelfEditorFauxDataPropertyValueSet ;
+    .
+
+:SelfEditorFauxDataPropertyDataSetKey a access:DataSetKey ;
+    access:hasKeyComponent access-individual:FauxDataProperty ;
+    access:hasKeyComponent access-individual:SelfEditorRoleUri ;
+    access:hasKeyComponent access-individual:DisplayOperation ;
+    access:hasKeyComponent access-individual:NotRelated ;
+    access:hasKeyComponent access-individual:SuppressionByUri ;
+    .
+
+#Rule
+
+:SuppressDisplayPropertyStatementWithBlacklistedProperty a access:Rule;
+    access:hasDecision access-individual:Deny ;
+    access:requiresCheck :SubjectRoleCheck ;
+    access:requiresCheck :OperationCheck ;
+    access:requiresCheck :AccessObjectStatementTypeCheck ;
+    access:requiresCheck :StatementPredicateCheck ;
+    access:requiresCheck :RelationCheck ;
+    .
+
+#Checks
+
+:RelationCheck a access:Check ;
+    access:useOperator access-individual:SparqlSelectQueryResultsNotContain ;
+    access:hasTypeToCheck access-individual:StatementSubjectUri ;
+    access:value access-individual:PersonProfileProximityToResourceUri ;
+    .
+
+:AccessObjectStatementTypeCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:AccessObjectType ;
+    access:values access-individual:ObjectPropertyStatementValueSet ;
+    access:values access-individual:DataPropertyStatementValueSet ;
+    access:values access-individual:FauxObjectPropertyStatementValueSet ;
+    access:values access-individual:FauxDataPropertyStatementValueSet ;
+    .
+
+:OperationCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:Operation ;
+    access:values access-individual:DisplayOperationValueSet ;
+    .
+
+:SubjectRoleCheck a access:Check ;
+    access:useOperator access-individual:Equals ;
+    access:hasTypeToCheck access-individual:SubjectRole ;
+    access:values access-individual:SelfEditorRoleValueSet ;
+    .
+
+:StatementPredicateCheck a access:Check ;
+    access:useOperator access-individual:OneOf ;
+    access:hasTypeToCheck access-individual:StatementPredicateUri ;
+    access:values :SelfEditorObjectPropertyValueSet ;
+    access:values :SelfEditorDataPropertyValueSet ;
+    access:values :SelfEditorFauxObjectPropertyValueSet ;
+    access:values :SelfEditorFauxDataPropertyValueSet ;
+    .
+
+:AccessObjectUriCheck a access:Check ;
+    access:useOperator access-individual:OneOf ;
+    access:hasTypeToCheck access-individual:AccessObjectUri ;
+    access:values :SelfEditorObjectPropertyValueSet ;
+    access:values :SelfEditorDataPropertyValueSet ;
+    access:values :SelfEditorFauxObjectPropertyValueSet ;
+    access:values :SelfEditorFauxDataPropertyValueSet ;
+    .
+
+#Value sets
+
+:SelfEditorObjectPropertyValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:ObjectProperty ;
+    .
+
+:SelfEditorDataPropertyValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:DataProperty ;
+    .
+
+:SelfEditorFauxObjectPropertyValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:FauxObjectProperty ;
+    .
+
+:SelfEditorFauxDataPropertyValueSet a access:ValueSet ;
+    access:containsElementsOfType access-individual:FauxDataProperty ;
+    .
diff --git a/home/src/main/resources/rdf/display/firsttime/search_individuals_vitro.n3 b/home/src/main/resources/rdf/display/firsttime/search_individuals_vitro.n3
index 6477308989..8dd2abd3bd 100644
--- a/home/src/main/resources/rdf/display/firsttime/search_individuals_vitro.n3
+++ b/home/src/main/resources/rdf/display/firsttime/search_individuals_vitro.n3
@@ -44,6 +44,9 @@
         vitro-search:order         30 ;
         vitro-search:id            "titleasc" .
 
+:sort_by_relevance a                vitro-search:Sort ;
+        vitro-search:id            "relevance" .
+
 :field_label_sort
         a                          vitro-search:SearchField ;
         vitro-search:isLanguageSpecific true ;
diff --git a/home/src/main/resources/rdf/displayTbox/everytime/displayTBOX.n3 b/home/src/main/resources/rdf/displayTbox/everytime/displayTBOX.n3
index 07478b7717..e2764a5bc3 100644
--- a/home/src/main/resources/rdf/displayTbox/everytime/displayTBOX.n3
+++ b/home/src/main/resources/rdf/displayTbox/everytime/displayTBOX.n3
@@ -135,6 +135,27 @@ display:htmlValue
 display:cannotDeletePage
     a owl:DatatypeProperty.
 
+display:uri
+    a owl:DatatypeProperty.
+
+display:string
+    a owl:DatatypeProperty.
+
+display:int
+    a owl:DatatypeProperty.
+
+display:long
+    a owl:DatatypeProperty.
+
+display:float
+    a owl:DatatypeProperty.
+
+display:double
+    a owl:DatatypeProperty.
+
+display:boolean
+    a owl:DatatypeProperty.
+
 ######### Object Properties#########
 ###Basic
 rdfs:range
diff --git a/home/src/main/resources/rdf/i18n/de_DE/display/firsttime/search_individuals_vitro.n3 b/home/src/main/resources/rdf/i18n/de_DE/display/firsttime/search_individuals_vitro.n3
new file mode 100644
index 0000000000..6284db824e
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/de_DE/display/firsttime/search_individuals_vitro.n3
@@ -0,0 +1,14 @@
+@prefix : <https://vivoweb.org/ontology/vitro-search-individual/> .
+@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
+
+:filter_group_search_filters rdfs:label "Suchfilter"@de-DE .
+:filter_type rdfs:label "Typ"@de-DE .
+:filter_category rdfs:label "Kategorie"@de-DE .
+:sort_title_desc rdfs:label "Titel Z-A"@de-DE .
+:sort_title_asc rdfs:label "Titel A-Z"@de-DE .
+:sort_by_relevance rdfs:label "Relevanz"@de-DE .
+:field_label_sort rdfs:label "Etikettensortierfeld"@de-DE .
+:field_category rdfs:label "Klassengruppe"@de-DE .
+:field_type rdfs:label "Typ"@de-DE .
+:filter_querytext rdfs:label "Text"@de-DE .
+:field_querytext rdfs:label "Standardfeld"@de-DE .
diff --git a/home/src/main/resources/rdf/i18n/de_DE/interface-i18n/firsttime/vitro_UiLabel.ttl b/home/src/main/resources/rdf/i18n/de_DE/interface-i18n/firsttime/vitro_UiLabel.ttl
index ef00eaac44..90a1d39a6d 100644
--- a/home/src/main/resources/rdf/i18n/de_DE/interface-i18n/firsttime/vitro_UiLabel.ttl
+++ b/home/src/main/resources/rdf/i18n/de_DE/interface-i18n/firsttime/vitro_UiLabel.ttl
@@ -6309,3 +6309,52 @@ uil-data:captcha_user_sol_invalid.Vitro
         uil:hasApp      "Vitro" ;
         uil:hasKey      "captcha_user_sol_invalid" ;
         uil:hasPackage  "Vitro-languages" .
+
+	uil-data:suppress_operation_for_roles.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "{0}-Vorgänge für Rollen verweigern"@de-DE ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_roles" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_property.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "{0}-Vorgänge für diese Property erlauben"@de-DE ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_property" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "{0}-Vorgänge für diese Klasse erlauben"@de-DE ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_this_property_in_unrelated_individuals.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "{0}-Vorgänge für diese Property bei nicht verwandten Instanzen verhindern"@de-DE ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_this_property_in_unrelated_individuals" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Verweigern Sie <b>{0}</b>-Vorgänge für Objektseiten, die zur bearbeiteten Klasse gehören"@de-DE ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_unrelated_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "{0}-Vorgänge für Seiten mit nicht verwandten Instanzen, die zur bearbeiteten Klasse gehören, verhindern"@de-DE ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_unrelated_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/de_DE/interface-i18n/firsttime/vitro_extended_search.ttl b/home/src/main/resources/rdf/i18n/de_DE/interface-i18n/firsttime/vitro_extended_search.ttl
new file mode 100644
index 0000000000..c0e0eee473
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/de_DE/interface-i18n/firsttime/vitro_extended_search.ttl
@@ -0,0 +1,40 @@
+@prefix owl:   <http://www.w3.org/2002/07/owl#> .
+@prefix rdf:   <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix uil-data: <http://vivoweb.org/ontology/vitro/ui-label/individual#> .
+@prefix uil:  <http://vivoweb.org/ontology/vitro/ui-label/vocabulary#> .
+@prefix xsd:   <http://www.w3.org/2001/XMLSchema#> .
+@prefix skos:  <http://www.w3.org/2004/02/skos/core#> .
+@prefix rdfs:  <http://www.w3.org/2000/01/rdf-schema#> .
+
+uil-data:search_results_sort_by.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Sortieren nach {0}"@de-DE ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_sort_by" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_results_per_page.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} Ergebnisse pro Seite"@de-DE ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_per_page" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_field_placeholder.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Suchbegriff eingeben"@de-DE ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_field_placeholder" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:results_found.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} Ergebnisse gefunden"@de-DE ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "results_found" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/en_CA/display/firsttime/search_individuals_vitro.n3 b/home/src/main/resources/rdf/i18n/en_CA/display/firsttime/search_individuals_vitro.n3
new file mode 100644
index 0000000000..10b29482c3
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/en_CA/display/firsttime/search_individuals_vitro.n3
@@ -0,0 +1,14 @@
+@prefix : <https://vivoweb.org/ontology/vitro-search-individual/> .
+@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
+
+:filter_group_search_filters rdfs:label "Filters"@en-CA .
+:filter_type rdfs:label "Type"@en-CA .
+:filter_category rdfs:label "Category"@en-CA .
+:sort_title_desc rdfs:label "Title Z-A"@en-CA .
+:sort_title_asc rdfs:label "Title A-Z"@en-CA .
+:sort_by_relevance rdfs:label "Relevance"@en-CA .
+:field_label_sort rdfs:label "Label sort field"@en-CA .
+:field_category rdfs:label "ClassGroup"@en-CA .
+:field_type rdfs:label "Type"@en-CA .
+:filter_querytext rdfs:label "Text"@en-CA .
+:field_querytext rdfs:label "Default field"@en-CA .
diff --git a/home/src/main/resources/rdf/i18n/en_CA/interface-i18n/firsttime/vitro_UiLabel.ttl b/home/src/main/resources/rdf/i18n/en_CA/interface-i18n/firsttime/vitro_UiLabel.ttl
index eacfae4b4c..9889757a53 100644
--- a/home/src/main/resources/rdf/i18n/en_CA/interface-i18n/firsttime/vitro_UiLabel.ttl
+++ b/home/src/main/resources/rdf/i18n/en_CA/interface-i18n/firsttime/vitro_UiLabel.ttl
@@ -6309,3 +6309,52 @@ uil-data:captcha_user_sol_invalid.Vitro
         uil:hasApp      "Vitro" ;
         uil:hasKey      "captcha_user_sol_invalid" ;
         uil:hasPackage  "Vitro-languages" .
+
+uil-data:suppress_operation_for_roles.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Suppress <b>{0}</b> for roles "@en-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_roles" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_property.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "<b>{0}</b> permissions for this property"@en-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_property" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "<b>{0}</b> permissions for this class"@en-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_this_property_in_unrelated_individuals.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Suppress <b>{0}</b> for this property in unrelated individuals"@en-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_this_property_in_unrelated_individuals" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Suppress <b>{0}</b> for individual pages of this class"@en-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_unrelated_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Suppress <b>{0}</b> for not related individual pages of this class"@en-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_unrelated_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/en_CA/interface-i18n/firsttime/vitro_extended_search.ttl b/home/src/main/resources/rdf/i18n/en_CA/interface-i18n/firsttime/vitro_extended_search.ttl
new file mode 100644
index 0000000000..0150b0f423
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/en_CA/interface-i18n/firsttime/vitro_extended_search.ttl
@@ -0,0 +1,40 @@
+@prefix owl:   <http://www.w3.org/2002/07/owl#> .
+@prefix rdf:   <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix uil-data: <http://vivoweb.org/ontology/vitro/ui-label/individual#> .
+@prefix uil:  <http://vivoweb.org/ontology/vitro/ui-label/vocabulary#> .
+@prefix xsd:   <http://www.w3.org/2001/XMLSchema#> .
+@prefix skos:  <http://www.w3.org/2004/02/skos/core#> .
+@prefix rdfs:  <http://www.w3.org/2000/01/rdf-schema#> .
+
+uil-data:search_results_sort_by.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Sort by {0}"@en-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_sort_by" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_results_per_page.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} results per page"@en-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_per_page" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_field_placeholder.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Enter search term"@en-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_field_placeholder" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:results_found.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} results found"@en-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "results_found" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/en_US/display/firsttime/search_individuals_vitro.n3 b/home/src/main/resources/rdf/i18n/en_US/display/firsttime/search_individuals_vitro.n3
index 8a060d07bf..919370772c 100644
--- a/home/src/main/resources/rdf/i18n/en_US/display/firsttime/search_individuals_vitro.n3
+++ b/home/src/main/resources/rdf/i18n/en_US/display/firsttime/search_individuals_vitro.n3
@@ -1,11 +1,12 @@
 @prefix : <https://vivoweb.org/ontology/vitro-search-individual/> .
 @prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
 
-:filter_group_search_filters rdfs:label "Search filters"@en-US .
+:filter_group_search_filters rdfs:label "Filters"@en-US .
 :filter_type rdfs:label "Type"@en-US .
 :filter_category rdfs:label "Category"@en-US .
 :sort_title_desc rdfs:label "Title Z-A"@en-US .
 :sort_title_asc rdfs:label "Title A-Z"@en-US .
+:sort_by_relevance rdfs:label "Relevance"@en-US .
 :field_label_sort rdfs:label "Label sort field"@en-US .
 :field_category rdfs:label "ClassGroup"@en-US .
 :field_type rdfs:label "Type"@en-US .
diff --git a/home/src/main/resources/rdf/i18n/en_US/interface-i18n/firsttime/vitro_UiLabel.ttl b/home/src/main/resources/rdf/i18n/en_US/interface-i18n/firsttime/vitro_UiLabel.ttl
index 157ea5bcb0..f7815323a5 100644
--- a/home/src/main/resources/rdf/i18n/en_US/interface-i18n/firsttime/vitro_UiLabel.ttl
+++ b/home/src/main/resources/rdf/i18n/en_US/interface-i18n/firsttime/vitro_UiLabel.ttl
@@ -6309,3 +6309,52 @@ uil-data:captcha_user_sol_invalid.Vitro
         uil:hasApp      "Vitro" ;
         uil:hasKey      "captcha_user_sol_invalid" ;
         uil:hasPackage  "Vitro-languages" .
+
+uil-data:suppress_operation_for_roles.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Suppress <b>{0}</b> for roles "@en-US ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_roles" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_property.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "<b>{0}</b> permissions for this property"@en-US ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_property" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "<b>{0}</b> permissions for this class"@en-US ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_this_property_in_unrelated_individuals.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Suppress <b>{0}</b> for this property in unrelated individuals"@en-US ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_this_property_in_unrelated_individuals" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Suppress <b>{0}</b> for individual pages of this class"@en-US ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_unrelated_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Suppress <b>{0}</b> for not related individual pages of this class"@en-US ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_unrelated_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/en_US/interface-i18n/firsttime/vitro_extended_search.ttl b/home/src/main/resources/rdf/i18n/en_US/interface-i18n/firsttime/vitro_extended_search.ttl
index d679818dd7..acfee30e90 100644
--- a/home/src/main/resources/rdf/i18n/en_US/interface-i18n/firsttime/vitro_extended_search.ttl
+++ b/home/src/main/resources/rdf/i18n/en_US/interface-i18n/firsttime/vitro_extended_search.ttl
@@ -6,43 +6,35 @@
 @prefix skos:  <http://www.w3.org/2004/02/skos/core#> .
 @prefix rdfs:  <http://www.w3.org/2000/01/rdf-schema#> .
 
-uil-data:search_results_relevance.Vitro
-        rdf:type         owl:NamedIndividual ;
-        rdf:type         uil:PropertyKey ;
-        rdfs:label       "Relevance"@en-US ;
-        uil:hasApp      "Vitro" ;
-        uil:hasKey      "search_results_relevance" ;
-        uil:hasPackage  "Vitro-languages" .
-
 uil-data:search_results_sort_by.Vitro
         rdf:type         owl:NamedIndividual ;
         rdf:type         uil:PropertyKey ;
-        rdfs:label       "Sort by"@en-US ;
-        uil:hasApp      "Vitro" ;
-        uil:hasKey      "search_results_sort_by" ;
-        uil:hasPackage  "Vitro-languages" .
+        rdfs:label       "Sort by {0}"@en-US ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_sort_by" ;
+        uil:hasPackage   "Vitro-languages" .
 
 uil-data:search_results_per_page.Vitro
         rdf:type         owl:NamedIndividual ;
         rdf:type         uil:PropertyKey ;
-        rdfs:label       "Results per page"@en-US ;
-        uil:hasApp      "Vitro" ;
-        uil:hasKey      "search_results_per_page" ;
-        uil:hasPackage  "Vitro-languages" .
+        rdfs:label       "{0} Results per page"@en-US ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_per_page" ;
+        uil:hasPackage   "Vitro-languages" .
 
 uil-data:search_field_placeholder.Vitro
         rdf:type         owl:NamedIndividual ;
         rdf:type         uil:PropertyKey ;
         rdfs:label       "Enter search term"@en-US ;
-        uil:hasApp      "Vitro" ;
-        uil:hasKey      "search_field_placeholder" ;
-        uil:hasPackage  "Vitro-languages" .
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_field_placeholder" ;
+        uil:hasPackage   "Vitro-languages" .
 
 uil-data:results_found.Vitro
         rdf:type         owl:NamedIndividual ;
         rdf:type         uil:PropertyKey ;
-        rdfs:label       "results found"@en-US ;
-        uil:hasApp      "Vitro" ;
-        uil:hasKey      "results_found" ;
-        uil:hasPackage  "Vitro-languages" .
+        rdfs:label       "{0} results found"@en-US ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "results_found" ;
+        uil:hasPackage   "Vitro-languages" .
 
diff --git a/home/src/main/resources/rdf/i18n/es/display/firsttime/search_individuals_vitro.n3 b/home/src/main/resources/rdf/i18n/es/display/firsttime/search_individuals_vitro.n3
new file mode 100644
index 0000000000..0fd81cff50
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/es/display/firsttime/search_individuals_vitro.n3
@@ -0,0 +1,14 @@
+@prefix : <https://vivoweb.org/ontology/vitro-search-individual/> .
+@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
+
+:filter_group_search_filters rdfs:label "Filtros de búsqueda"@es .
+:filter_type rdfs:label "Tipo"@es .
+:filter_category rdfs:label "Categoría"@es .
+:sort_title_desc rdfs:label "Título Z-A"@es .
+:sort_title_asc rdfs:label "Título A-Z"@es .
+:sort_by_relevance rdfs:label "Relevancia"@es .
+:field_label_sort rdfs:label "Campo de clasificación de etiquetas"@es .
+:field_category rdfs:label "Grupo de clase"@es .
+:field_type rdfs:label "Tipo"@es .
+:filter_querytext rdfs:label "Texto"@es .
+:field_querytext rdfs:label "Campo predeterminado"@es .
diff --git a/home/src/main/resources/rdf/i18n/es/interface-i18n/firsttime/vitro_UiLabel.ttl b/home/src/main/resources/rdf/i18n/es/interface-i18n/firsttime/vitro_UiLabel.ttl
index 3871418990..dabf22813b 100644
--- a/home/src/main/resources/rdf/i18n/es/interface-i18n/firsttime/vitro_UiLabel.ttl
+++ b/home/src/main/resources/rdf/i18n/es/interface-i18n/firsttime/vitro_UiLabel.ttl
@@ -6309,3 +6309,52 @@ uil-data:captcha_user_sol_invalid.Vitro
         uil:hasApp      "Vitro" ;
         uil:hasKey      "captcha_user_sol_invalid" ;
         uil:hasPackage  "Vitro-languages" .
+
+uil-data:suppress_operation_for_roles.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Denegar operaciones <b>{0}</b> para roles"@es ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_roles" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_property.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Permitir operaciones <b>{0}</b> para esta propiedad"@es ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_property" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Permitir operaciones <b>{0}</b> para esta clase"@es ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_this_property_in_unrelated_individuals.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Impedir operaciones <b>{0}</b> para esta propiedad en páginas de objetos no relacionados"@es ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_this_property_in_unrelated_individuals" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Denegar operaciones <b>{0}</b> para páginas de objetos que pertenecen a la clase editada"@es ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_unrelated_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Evitar operaciones <b>{0}</b> para páginas de objetos no relacionados que pertenecen a la clase editada"@es ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_unrelated_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/es/interface-i18n/firsttime/vitro_extended_search.ttl b/home/src/main/resources/rdf/i18n/es/interface-i18n/firsttime/vitro_extended_search.ttl
new file mode 100644
index 0000000000..b29e53b1ad
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/es/interface-i18n/firsttime/vitro_extended_search.ttl
@@ -0,0 +1,40 @@
+@prefix owl:   <http://www.w3.org/2002/07/owl#> .
+@prefix rdf:   <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix uil-data: <http://vivoweb.org/ontology/vitro/ui-label/individual#> .
+@prefix uil:  <http://vivoweb.org/ontology/vitro/ui-label/vocabulary#> .
+@prefix xsd:   <http://www.w3.org/2001/XMLSchema#> .
+@prefix skos:  <http://www.w3.org/2004/02/skos/core#> .
+@prefix rdfs:  <http://www.w3.org/2000/01/rdf-schema#> .
+
+uil-data:search_results_sort_by.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Ordenar por {0}"@es ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_sort_by" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_results_per_page.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} resultados por página"@es ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_per_page" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_field_placeholder.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Introduzca el término de búsqueda"@es ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_field_placeholder" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:results_found.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} resultados encontrados"@es ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "results_found" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/fr_CA/display/firsttime/search_individuals_vitro.n3 b/home/src/main/resources/rdf/i18n/fr_CA/display/firsttime/search_individuals_vitro.n3
new file mode 100644
index 0000000000..00927ab732
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/fr_CA/display/firsttime/search_individuals_vitro.n3
@@ -0,0 +1,14 @@
+@prefix : <https://vivoweb.org/ontology/vitro-search-individual/> .
+@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
+
+:filter_group_search_filters rdfs:label "Filtres"@fr-CA .
+:filter_type rdfs:label "Taper"@fr-CA .
+:filter_category rdfs:label "Catégorie"@fr-CA .
+:sort_title_desc rdfs:label "Titre Z-A"@fr-CA .
+:sort_title_asc rdfs:label "Titre A-Z"@fr-CA .
+:sort_by_relevance rdfs:label "Pertinence"@fr-CA .
+:field_label_sort rdfs:label "Champ de tri des étiquettes"@fr-CA .
+:field_category rdfs:label "Groupe de classe"@fr-CA .
+:field_type rdfs:label "Taper"@fr-CA .
+:filter_querytext rdfs:label "Texte"@fr-CA .
+:field_querytext rdfs:label "Champ par défaut"@fr-CA .
diff --git a/home/src/main/resources/rdf/i18n/fr_CA/interface-i18n/firsttime/vitro_UiLabel.ttl b/home/src/main/resources/rdf/i18n/fr_CA/interface-i18n/firsttime/vitro_UiLabel.ttl
index 74a00f2c9c..b293b11aec 100644
--- a/home/src/main/resources/rdf/i18n/fr_CA/interface-i18n/firsttime/vitro_UiLabel.ttl
+++ b/home/src/main/resources/rdf/i18n/fr_CA/interface-i18n/firsttime/vitro_UiLabel.ttl
@@ -6309,3 +6309,52 @@ uil-data:captcha_user_sol_invalid.Vitro
         uil:hasApp      "Vitro" ;
         uil:hasKey      "captcha_user_sol_invalid" ;
         uil:hasPackage  "Vitro-languages" .
+
+uil-data:suppress_operation_for_roles.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Refuser <b>{0}</b> opérations pour les rôles"@fr-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_roles" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_property.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Autoriser les opérations <b>{0}</b> pour cette propriété"@fr-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_property" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Autoriser les opérations <b>{0}</b> pour cette classe"@fr-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_this_property_in_unrelated_individuals.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Empêcher les opérations <b>{0}</b> pour cette propriété sur les pages d'objets sans rapport"@fr-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_this_property_in_unrelated_individuals" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Refuser les opérations <b>{0}</b> pour les pages d'objet appartenant à la classe modifiée"@fr-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_unrelated_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Empêcher les opérations <b>{0}</b> pour les pages d'objets non liés appartenant à la classe modifiée"@fr-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_unrelated_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/fr_CA/interface-i18n/firsttime/vitro_extended_search.ttl b/home/src/main/resources/rdf/i18n/fr_CA/interface-i18n/firsttime/vitro_extended_search.ttl
new file mode 100644
index 0000000000..e342c3107e
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/fr_CA/interface-i18n/firsttime/vitro_extended_search.ttl
@@ -0,0 +1,40 @@
+@prefix owl:   <http://www.w3.org/2002/07/owl#> .
+@prefix rdf:   <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix uil-data: <http://vivoweb.org/ontology/vitro/ui-label/individual#> .
+@prefix uil:  <http://vivoweb.org/ontology/vitro/ui-label/vocabulary#> .
+@prefix xsd:   <http://www.w3.org/2001/XMLSchema#> .
+@prefix skos:  <http://www.w3.org/2004/02/skos/core#> .
+@prefix rdfs:  <http://www.w3.org/2000/01/rdf-schema#> .
+
+uil-data:search_results_sort_by.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Trier par {0}"@fr-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_sort_by" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_results_per_page.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} résultats par page"@fr-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_per_page" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_field_placeholder.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Entrez le terme de recherche"@fr-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_field_placeholder" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:results_found.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} résultats trouvés"@fr-CA ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "results_found" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/pt_BR/display/firsttime/search_individuals_vitro.n3 b/home/src/main/resources/rdf/i18n/pt_BR/display/firsttime/search_individuals_vitro.n3
new file mode 100644
index 0000000000..2d3240de7f
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/pt_BR/display/firsttime/search_individuals_vitro.n3
@@ -0,0 +1,14 @@
+@prefix : <https://vivoweb.org/ontology/vitro-search-individual/> .
+@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
+
+:filter_group_search_filters rdfs:label "Filtros"@pt-BR .
+:filter_type rdfs:label "Tipo"@pt-BR .
+:filter_category rdfs:label "Categoria"@pt-BR .
+:sort_title_desc rdfs:label "Título Z-A"@pt-BR .
+:sort_title_asc rdfs:label "Título A-Z"@pt-BR .
+:sort_by_relevance rdfs:label "Relevância"@pt-BR .
+:field_label_sort rdfs:label "Campo de ordenação por rótulo"@pt-BR .
+:field_category rdfs:label "Grupo de Classe"@pt-BR .
+:field_type rdfs:label "Tipo"@pt-BR .
+:filter_querytext rdfs:label "Texto"@pt-BR .
+:field_querytext rdfs:label "Campo padrão"@pt-BR .
diff --git a/home/src/main/resources/rdf/i18n/pt_BR/interface-i18n/firsttime/vitro_UiLabel.ttl b/home/src/main/resources/rdf/i18n/pt_BR/interface-i18n/firsttime/vitro_UiLabel.ttl
index 4297780456..1170a3880d 100644
--- a/home/src/main/resources/rdf/i18n/pt_BR/interface-i18n/firsttime/vitro_UiLabel.ttl
+++ b/home/src/main/resources/rdf/i18n/pt_BR/interface-i18n/firsttime/vitro_UiLabel.ttl
@@ -6309,3 +6309,52 @@ uil-data:captcha_user_sol_invalid.Vitro
         uil:hasApp      "Vitro" ;
         uil:hasKey      "captcha_user_sol_invalid" ;
         uil:hasPackage  "Vitro-languages" .
+
+uil-data:suppress_operation_for_roles.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Negar <b>{0}</b> operações para funções"@pt-BR ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_roles" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_property.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Permitir <b>{0}</b> operações para esta propriedade"@pt-BR ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_property" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Permitir <b>{0}</b> operações para esta classe"@pt-BR ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_this_property_in_unrelated_individuals.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Impedir operações <b>{0}</b> para esta propriedade em páginas de objetos não relacionados"@pt-BR ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_this_property_in_unrelated_individuals" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Negar operações <b>{0}</b> para páginas de objetos pertencentes à classe editada"@pt-BR ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_unrelated_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Impedir operações <b>{0}</b> para páginas de objetos não relacionados pertencentes à classe editada"@pt-BR ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_unrelated_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/pt_BR/interface-i18n/firsttime/vitro_extended_search.ttl b/home/src/main/resources/rdf/i18n/pt_BR/interface-i18n/firsttime/vitro_extended_search.ttl
new file mode 100644
index 0000000000..ceea444b5f
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/pt_BR/interface-i18n/firsttime/vitro_extended_search.ttl
@@ -0,0 +1,40 @@
+@prefix owl:   <http://www.w3.org/2002/07/owl#> .
+@prefix rdf:   <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix uil-data: <http://vivoweb.org/ontology/vitro/ui-label/individual#> .
+@prefix uil:  <http://vivoweb.org/ontology/vitro/ui-label/vocabulary#> .
+@prefix xsd:   <http://www.w3.org/2001/XMLSchema#> .
+@prefix skos:  <http://www.w3.org/2004/02/skos/core#> .
+@prefix rdfs:  <http://www.w3.org/2000/01/rdf-schema#> .
+
+uil-data:search_results_sort_by.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Ordenar por {0}"@pt-BR ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_sort_by" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_results_per_page.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} resultados por página"@pt-BR ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_per_page" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_field_placeholder.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Insira o termo de pesquisa"@pt-BR ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_field_placeholder" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:results_found.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} resultados encontrados"@pt-BR ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "results_found" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/ru_RU/display/firsttime/search_individuals_vitro.n3 b/home/src/main/resources/rdf/i18n/ru_RU/display/firsttime/search_individuals_vitro.n3
new file mode 100644
index 0000000000..95738dac37
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/ru_RU/display/firsttime/search_individuals_vitro.n3
@@ -0,0 +1,14 @@
+@prefix : <https://vivoweb.org/ontology/vitro-search-individual/> .
+@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
+
+:filter_group_search_filters rdfs:label "Фильтры"@ru-RU .
+:filter_type rdfs:label "Тип"@ru-RU .
+:filter_category rdfs:label "Категория"@ru-RU .
+:sort_title_desc rdfs:label "названию Я-А"@ru-RU .
+:sort_title_asc rdfs:label "названию А-Я"@ru-RU .
+:sort_by_relevance rdfs:label "релевантности"@ru-RU .
+:field_label_sort rdfs:label "Поле сортировки по названию"@ru-RU .
+:field_category rdfs:label "Поле категория"@ru-RU .
+:field_type rdfs:label "Поле тип"@ru-RU .
+:filter_querytext rdfs:label "Текст"@ru-RU .
+:field_querytext rdfs:label "Поле фильтра по умолчанию"@ru-RU .
diff --git a/home/src/main/resources/rdf/i18n/ru_RU/interface-i18n/firsttime/vitro_UiLabel.ttl b/home/src/main/resources/rdf/i18n/ru_RU/interface-i18n/firsttime/vitro_UiLabel.ttl
index d091845941..582dfe544e 100644
--- a/home/src/main/resources/rdf/i18n/ru_RU/interface-i18n/firsttime/vitro_UiLabel.ttl
+++ b/home/src/main/resources/rdf/i18n/ru_RU/interface-i18n/firsttime/vitro_UiLabel.ttl
@@ -6309,3 +6309,52 @@ uil-data:captcha_user_sol_invalid.Vitro
         uil:hasApp      "Vitro" ;
         uil:hasKey      "captcha_user_sol_invalid" ;
         uil:hasPackage  "Vitro-languages" .
+
+uil-data:suppress_operation_for_roles.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Запрещать операции <b>{0}</b> для ролей"@ru-RU ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_roles" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_property.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Разрешать операции <b>{0}</b> для данного свойства"@ru-RU ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_property" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Разрешать операции <b>{0}</b> для данного класса"@ru-RU ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_this_property_in_unrelated_individuals.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Запрещать операции <b>{0}</b> для данного свойства на страницах не связанных объектов"@ru-RU ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_this_property_in_unrelated_individuals" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Запрещать операции <b>{0}</b> для страниц объектов, относящихся к редактируемому классу"@ru-RU ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_unrelated_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Запрещать операции <b>{0}</b> для страниц не связанных объектов, относящихся к редактируемому классу"@ru-RU ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_unrelated_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/ru_RU/interface-i18n/firsttime/vitro_extended_search.ttl b/home/src/main/resources/rdf/i18n/ru_RU/interface-i18n/firsttime/vitro_extended_search.ttl
new file mode 100644
index 0000000000..31aae13c86
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/ru_RU/interface-i18n/firsttime/vitro_extended_search.ttl
@@ -0,0 +1,40 @@
+@prefix owl:   <http://www.w3.org/2002/07/owl#> .
+@prefix rdf:   <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix uil-data: <http://vivoweb.org/ontology/vitro/ui-label/individual#> .
+@prefix uil:  <http://vivoweb.org/ontology/vitro/ui-label/vocabulary#> .
+@prefix xsd:   <http://www.w3.org/2001/XMLSchema#> .
+@prefix skos:  <http://www.w3.org/2004/02/skos/core#> .
+@prefix rdfs:  <http://www.w3.org/2000/01/rdf-schema#> .
+
+uil-data:search_results_sort_by.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Сортировка по {0}"@ru-RU ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_sort_by" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_results_per_page.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "по {0} результатов на странице"@ru-RU ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_per_page" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_field_placeholder.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Введите текст"@ru-RU ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_field_placeholder" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:results_found.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} результатов найдено"@ru-RU ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "results_found" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/sr_Latn_RS/display/firsttime/search_individuals_vitro.n3 b/home/src/main/resources/rdf/i18n/sr_Latn_RS/display/firsttime/search_individuals_vitro.n3
new file mode 100644
index 0000000000..9a83d4109c
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/sr_Latn_RS/display/firsttime/search_individuals_vitro.n3
@@ -0,0 +1,14 @@
+@prefix : <https://vivoweb.org/ontology/vitro-search-individual/> .
+@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
+
+:filter_group_search_filters rdfs:label "Filteri za pretragu"@sr-Latn-RS .
+:filter_type rdfs:label "Tip"@sr-Latn-RS .
+:filter_category rdfs:label "Kategorija"@sr-Latn-RS .
+:sort_title_desc rdfs:label "Naslov Z-A"@sr-Latn-RS .
+:sort_title_asc rdfs:label "Naslov A-Z"@sr-Latn-RS .
+:sort_by_relevance rdfs:label "Relevantnost"@sr-Latn-RS .
+:field_label_sort rdfs:label "Polje za sortiranje oznaka"@sr-Latn-RS .
+:field_category rdfs:label "Odeljenska grupa"@sr-Latn-RS .
+:field_type rdfs:label "Tip"@sr-Latn-RS .
+:filter_querytext rdfs:label "Tekst"@sr-Latn-RS .
+:field_querytext rdfs:label "Podrazumevano polje"@sr-Latn-RS .
diff --git a/home/src/main/resources/rdf/i18n/sr_Latn_RS/interface-i18n/firsttime/vitro_UiLabel.ttl b/home/src/main/resources/rdf/i18n/sr_Latn_RS/interface-i18n/firsttime/vitro_UiLabel.ttl
index a900c469f8..ef426fc344 100644
--- a/home/src/main/resources/rdf/i18n/sr_Latn_RS/interface-i18n/firsttime/vitro_UiLabel.ttl
+++ b/home/src/main/resources/rdf/i18n/sr_Latn_RS/interface-i18n/firsttime/vitro_UiLabel.ttl
@@ -6309,3 +6309,52 @@ uil-data:captcha_user_sol_invalid.Vitro
         uil:hasApp      "Vitro" ;
         uil:hasKey      "captcha_user_sol_invalid" ;
         uil:hasPackage  "Vitro-languages" .
+
+uil-data:suppress_operation_for_roles.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Zabrani <b>{0}</b> operacije za role"@sr-Latn-RS ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_roles" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_property.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Dozvoli <b>{0}</b> operacije za ovo svojstvo"@sr-Latn-RS ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_property" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:operation_permissions_for_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Dozvoli <b>{0}</b> operacije za ovu klasu"@sr-Latn-RS ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "operation_permissions_for_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_this_property_in_unrelated_individuals.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Zabrani <b>{0}</b> operacije za ovo svojstvo na stranicama nepovezanih objekata"@sr-Latn-RS ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_this_property_in_unrelated_individuals" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Zabrani <b>{0}</b> operacije za objekte koji pripadaju ovoj klasi"@sr-Latn-RS ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:suppress_operation_for_unrelated_individuals_of_this_class.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:UILabel ;
+        rdfs:label       "Zabrani <b>{0}</b> operacija za nepovezane objekte koji pripadaju ovoj klasi"@sr-Latn-RS ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "suppress_operation_for_unrelated_individuals_of_this_class" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/i18n/sr_Latn_RS/interface-i18n/firsttime/vitro_extended_search.ttl b/home/src/main/resources/rdf/i18n/sr_Latn_RS/interface-i18n/firsttime/vitro_extended_search.ttl
new file mode 100644
index 0000000000..fecf473079
--- /dev/null
+++ b/home/src/main/resources/rdf/i18n/sr_Latn_RS/interface-i18n/firsttime/vitro_extended_search.ttl
@@ -0,0 +1,40 @@
+@prefix owl:   <http://www.w3.org/2002/07/owl#> .
+@prefix rdf:   <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix uil-data: <http://vivoweb.org/ontology/vitro/ui-label/individual#> .
+@prefix uil:  <http://vivoweb.org/ontology/vitro/ui-label/vocabulary#> .
+@prefix xsd:   <http://www.w3.org/2001/XMLSchema#> .
+@prefix skos:  <http://www.w3.org/2004/02/skos/core#> .
+@prefix rdfs:  <http://www.w3.org/2000/01/rdf-schema#> .
+
+uil-data:search_results_sort_by.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Sortiraj po {0}"@sr-Latn-RS ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_sort_by" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_results_per_page.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} rezultati po strani"@sr-Latn-RS ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_results_per_page" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:search_field_placeholder.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "Unesite termin za pretragu"@sr-Latn-RS ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "search_field_placeholder" ;
+        uil:hasPackage   "Vitro-languages" .
+
+uil-data:results_found.Vitro
+        rdf:type         owl:NamedIndividual ;
+        rdf:type         uil:PropertyKey ;
+        rdfs:label       "{0} pronađeni rezultati"@sr-Latn-RS ;
+        uil:hasApp       "Vitro" ;
+        uil:hasKey       "results_found" ;
+        uil:hasPackage   "Vitro-languages" .
+
diff --git a/home/src/main/resources/rdf/tbox/firsttime/vitro-access-control-ontology.n3 b/home/src/main/resources/rdf/tbox/firsttime/vitro-access-control-ontology.n3
index 886a7bd068..48c397dc2c 100644
--- a/home/src/main/resources/rdf/tbox/firsttime/vitro-access-control-ontology.n3
+++ b/home/src/main/resources/rdf/tbox/firsttime/vitro-access-control-ontology.n3
@@ -58,6 +58,11 @@
     rdfs:comment "Represents attribute uri value";
     rdfs:label "Attribute uri value"@en-US .
 
+:NamedKeyComponent a owl:Class ;
+    rdfs:subClassOf :AttributeValuePattern ;
+    rdfs:comment "Represents named key component";
+    rdfs:label "Named key component"@en-US .
+
 :SubjectRoleUri a owl:Class ;
     rdfs:subClassOf :AttributeUriValue ;
     rdfs:comment "Represents role uri";
@@ -149,6 +154,12 @@
     rdfs:domain :Check ;
     rdfs:range :Operator .
 
+:useConfiguration a owl:ObjectProperty ;
+    rdfs:comment "Use configuration in case :Check needs additional configuration";
+    rdfs:label "use configuration"@en-US ;
+    rdfs:domain :Check ;
+    rdfs:range :AttributeValuePattern .
+
 :hasTypeToCheck a owl:ObjectProperty ,
     owl:FunctionalProperty ;
     rdfs:comment "Set attribute type that should be checked";
diff --git a/webapp/src/main/webapp/templates/edit/specific/dataprop_retry.jsp b/webapp/src/main/webapp/templates/edit/specific/dataprop_retry.jsp
index 6b35856959..526651acc0 100644
--- a/webapp/src/main/webapp/templates/edit/specific/dataprop_retry.jsp
+++ b/webapp/src/main/webapp/templates/edit/specific/dataprop_retry.jsp
@@ -133,7 +133,7 @@
 	<input id="${BaseEditController.ENTITY_TYPE_ATTRIBUTE_NAME}" type="hidden" name="${BaseEditController.ENTITY_TYPE_ATTRIBUTE_NAME}" value="DATA_PROPERTY" />
 	<c:forEach var="entry" items="${operationsToRoles}">
 		<tr class="editformcell">
-			<td valign="top" colspan="5"><b>${entry.key}</b> permissions for this property<br /> 
+			<td valign="top" colspan="5">${i18n.text('operation_permissions_for_this_property', entry.key)}<br /> 
 				<c:set var="operationLowercase" value="${fn:toLowerCase(entry.key)}" />
 				<c:forEach var="role" items="${entry.value}">
 					<input id="${operationLowercase}${role.label}"
@@ -150,6 +150,31 @@
 			</td>
 		</tr>
 	</c:forEach>
+	<!-- Property suppressions (not related) -->
+	<c:if test="${!empty propertySuppressionsNotRelated}">
+	    <input id="${BaseEditController.PROPERTY_SUPPRESSIONS_NOT_RELATED}" type="hidden" name="${BaseEditController.PROPERTY_SUPPRESSIONS_NOT_RELATED}" value="enabled" />
+		<c:forEach var="entry" items="${propertySuppressionsNotRelated}">
+			<tr class="editformcell">
+				<td valign="top" colspan="5">${i18n.text('suppress_operation_for_this_property_in_unrelated_individuals', entry.key)}<br /> 
+					<c:set var="operationLowercase" value="${fn:toLowerCase(entry.key)}" />
+					<c:forEach var="role" items="${entry.value}">
+						<input id="propertySuppressionNotRelated${operationLowercase}${role.label}"
+							type="checkbox" name="propertySuppressionNotRelated${operationLowercase}Roles"
+							value="${role.uri}" ${role.granted?'checked':''}
+							${role.enabled?'':'disabled'} />
+						<label class="inline" for="${operationLowercase}${role.label}">${role.label}</label>
+					</c:forEach>
+				</td>
+			</tr>
+			<tr>
+				<td colspan="5">
+					<hr class="formDivider" />
+				</td>
+			</tr>
+		</c:forEach>
+	</c:if>
+	<!-- Property suppressions (not related) end -->
+	
 </c:if>
 <!-- Permissions End -->
 <tr class="editformcell">
diff --git a/webapp/src/main/webapp/templates/edit/specific/entity_retry.jsp b/webapp/src/main/webapp/templates/edit/specific/entity_retry.jsp
index 96d06f7df1..c36c5f7d0d 100644
--- a/webapp/src/main/webapp/templates/edit/specific/entity_retry.jsp
+++ b/webapp/src/main/webapp/templates/edit/specific/entity_retry.jsp
@@ -2,6 +2,37 @@
 
 <%@ taglib prefix="form" uri="http://vitro.mannlib.cornell.edu/edit/tags" %>
 <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions"%>
+
+<jsp:directive.page import="edu.cornell.mannlib.vedit.controller.BaseEditController"/>
+
+<!--  Uri suppressions -->
+<c:if test="${!empty uriSuppressions}">
+    <input id="${BaseEditController.URI_SUPPRESSIONS}" type="hidden" name="${BaseEditController.URI_SUPPRESSIONS}" value="enabled" />
+    <input id="${BaseEditController.ENTITY_URI_ATTRIBUTE_NAME}" type="hidden" name="${BaseEditController.ENTITY_URI_ATTRIBUTE_NAME}" value="${_permissionsEntityURI}" />
+    <input id="${BaseEditController.ENTITY_TYPE_ATTRIBUTE_NAME}" type="hidden" name="${BaseEditController.ENTITY_TYPE_ATTRIBUTE_NAME}" value="INDIVIDUAL" />
+	<c:forEach var="entry" items="${uriSuppressions}">
+		<tr class="editformcell">
+			<td valign="top" colspan="5">${i18n.text('suppress_operation_for_roles', entry.key)} <br /> 
+				<c:set var="operationLowercase" value="${fn:toLowerCase(entry.key)}" />
+				<c:forEach var="role" items="${entry.value}">
+					<input id="uriSuppression${operationLowercase}${role.label}"
+						type="checkbox" name="uriSuppression${operationLowercase}Roles"
+						value="${role.uri}" ${role.granted?'checked':''}
+						${role.enabled?'':'disabled'} />
+					<label class="inline" for="${operationLowercase}${role.label}">${role.label}</label>
+				</c:forEach>
+			</td>
+		</tr>
+		<tr>
+			<td colspan="5">
+				<hr class="formDivider" />
+			</td>
+		</tr>
+	</c:forEach>
+</c:if>
+<!-- Uri suppressions end -->
+
 
     <tr class="editformcell" id="entityNameTr">
         <td valign="bottom" id="entityNameTd" colspan="2">
diff --git a/webapp/src/main/webapp/templates/edit/specific/fauxProperty_retry.jsp b/webapp/src/main/webapp/templates/edit/specific/fauxProperty_retry.jsp
index 577d30ea5c..23867979b2 100644
--- a/webapp/src/main/webapp/templates/edit/specific/fauxProperty_retry.jsp
+++ b/webapp/src/main/webapp/templates/edit/specific/fauxProperty_retry.jsp
@@ -69,7 +69,7 @@
     <input id="${BaseEditController.ENTITY_TYPE_ATTRIBUTE_NAME}" type="hidden" name="${BaseEditController.ENTITY_TYPE_ATTRIBUTE_NAME}" value="${_faux_property_type}" />
 	<c:forEach var="entry" items="${operationsToRoles}">
 		<tr class="editformcell">
-			<td valign="top" colspan="5"><b>${entry.key}</b> permissions for this property<br /> 
+			<td valign="top" colspan="5">${i18n.text('operation_permissions_for_this_property', entry.key)}<br /> 
 				<c:set var="operationLowercase" value="${fn:toLowerCase(entry.key)}" />
 				<c:forEach var="role" items="${entry.value}">
 					<input id="${operationLowercase}${role.label}"
@@ -86,6 +86,30 @@
 			</td>
 		</tr>
 	</c:forEach>
+	<!-- Property suppressions (not related) -->
+	<c:if test="${!empty propertySuppressionsNotRelated}">
+	    <input id="${BaseEditController.PROPERTY_SUPPRESSIONS_NOT_RELATED}" type="hidden" name="${BaseEditController.PROPERTY_SUPPRESSIONS_NOT_RELATED}" value="enabled" />
+		<c:forEach var="entry" items="${propertySuppressionsNotRelated}">
+			<tr class="editformcell">
+				<td valign="top" colspan="5">${i18n.text('suppress_operation_for_this_property_in_unrelated_individuals', entry.key)}<br /> 
+					<c:set var="operationLowercase" value="${fn:toLowerCase(entry.key)}" />
+					<c:forEach var="role" items="${entry.value}">
+						<input id="propertySuppressionNotRelated${operationLowercase}${role.label}"
+							type="checkbox" name="propertySuppressionNotRelated${operationLowercase}Roles"
+							value="${role.uri}" ${role.granted?'checked':''}
+							${role.enabled?'':'disabled'} />
+						<label class="inline" for="${operationLowercase}${role.label}">${role.label}</label>
+					</c:forEach>
+				</td>
+			</tr>
+			<tr>
+				<td colspan="5">
+					<hr class="formDivider" />
+				</td>
+			</tr>
+		</c:forEach>
+	</c:if>
+	<!-- Property suppressions (not related) end -->
 </c:if>
 <!-- Permissions End -->
 
diff --git a/webapp/src/main/webapp/templates/edit/specific/property_retry.jsp b/webapp/src/main/webapp/templates/edit/specific/property_retry.jsp
index 00ad410eb9..d0d967ad06 100644
--- a/webapp/src/main/webapp/templates/edit/specific/property_retry.jsp
+++ b/webapp/src/main/webapp/templates/edit/specific/property_retry.jsp
@@ -196,7 +196,7 @@
     <input id="${BaseEditController.ENTITY_TYPE_ATTRIBUTE_NAME}" type="hidden" name="${BaseEditController.ENTITY_TYPE_ATTRIBUTE_NAME}" value="OBJECT_PROPERTY" />
 	<c:forEach var="entry" items="${operationsToRoles}">
 		<tr class="editformcell">
-			<td valign="top" colspan="5"><b>${entry.key}</b> permissions for this property<br /> 
+			<td valign="top" colspan="5">${i18n.text('operation_permissions_for_this_property', entry.key)}<br /> 
 				<c:set var="operationLowercase" value="${fn:toLowerCase(entry.key)}" />
 				<c:forEach var="role" items="${entry.value}">
 					<input id="${operationLowercase}${role.label}"
@@ -213,6 +213,30 @@
 			</td>
 		</tr>
 	</c:forEach>
+	<!-- Property suppressions (not related) -->
+	<c:if test="${!empty propertySuppressionsNotRelated}">
+	    <input id="${BaseEditController.PROPERTY_SUPPRESSIONS_NOT_RELATED}" type="hidden" name="${BaseEditController.PROPERTY_SUPPRESSIONS_NOT_RELATED}" value="enabled" />
+		<c:forEach var="entry" items="${propertySuppressionsNotRelated}">
+			<tr class="editformcell">
+				<td valign="top" colspan="5">${i18n.text('suppress_operation_for_this_property_in_unrelated_individuals', entry.key)}<br /> 
+					<c:set var="operationLowercase" value="${fn:toLowerCase(entry.key)}" />
+					<c:forEach var="role" items="${entry.value}">
+						<input id="propertySuppressionNotRelated${operationLowercase}${role.label}"
+							type="checkbox" name="propertySuppressionNotRelated${operationLowercase}Roles"
+							value="${role.uri}" ${role.granted?'checked':''}
+							${role.enabled?'':'disabled'} />
+						<label class="inline" for="${operationLowercase}${role.label}">${role.label}</label>
+					</c:forEach>
+				</td>
+			</tr>
+			<tr>
+				<td colspan="5">
+					<hr class="formDivider" />
+				</td>
+			</tr>
+		</c:forEach>
+	</c:if>
+	<!-- Property suppressions (not related) end -->
 </c:if>
 <!-- Permissions End -->
 <tr class="editformcell">
diff --git a/webapp/src/main/webapp/templates/edit/specific/vclass_retry.jsp b/webapp/src/main/webapp/templates/edit/specific/vclass_retry.jsp
index 864879e82c..c5c36e40f3 100644
--- a/webapp/src/main/webapp/templates/edit/specific/vclass_retry.jsp
+++ b/webapp/src/main/webapp/templates/edit/specific/vclass_retry.jsp
@@ -94,7 +94,7 @@
     <input id="${BaseEditController.ENTITY_TYPE_ATTRIBUTE_NAME}" type="hidden" name="${BaseEditController.ENTITY_TYPE_ATTRIBUTE_NAME}" value="CLASS" />
 	<c:forEach var="entry" items="${operationsToRoles}">
 		<tr class="editformcell">
-			<td valign="top" colspan="5"><b>${entry.key}</b> permissions for this property<br /> 
+			<td valign="top" colspan="5">${i18n.text('operation_permissions_for_this_class', entry.key)}<br /> 
 				<c:set var="operationLowercase" value="${fn:toLowerCase(entry.key)}" />
 				<c:forEach var="role" items="${entry.value}">
 					<input id="${operationLowercase}${role.label}"
@@ -111,8 +111,59 @@
 			</td>
 		</tr>
 	</c:forEach>
+	
+	<!-- Type suppressions -->
+	<c:if test="${!empty typeSuppressions}">
+	    <input id="${BaseEditController.TYPE_SUPPRESSIONS}" type="hidden" name="${BaseEditController.TYPE_SUPPRESSIONS}" value="enabled" />
+		<c:forEach var="entry" items="${typeSuppressions}">
+			<tr class="editformcell">
+				<td valign="top" colspan="5">${i18n.text('suppress_operation_for_individuals_of_this_class', entry.key)}<br /> 
+					<c:set var="operationLowercase" value="${fn:toLowerCase(entry.key)}" />
+					<c:forEach var="role" items="${entry.value}">
+						<input id="typeSuppression${operationLowercase}${role.label}"
+							type="checkbox" name="typeSuppression${operationLowercase}Roles"
+							value="${role.uri}" ${role.granted?'checked':''}
+							${role.enabled?'':'disabled'} />
+						<label class="inline" for="${operationLowercase}${role.label}">${role.label}</label>
+					</c:forEach>
+				</td>
+			</tr>
+			<tr>
+				<td colspan="5">
+					<hr class="formDivider" />
+				</td>
+			</tr>
+		</c:forEach>
+	</c:if>
+	<!-- Type suppressions end -->
+	
+	<!-- Type suppressions (not related) -->
+	<c:if test="${!empty typeSuppressionsNotRelated}">
+	    <input id="${BaseEditController.TYPE_SUPPRESSIONS_NOT_RELATED}" type="hidden" name="${BaseEditController.TYPE_SUPPRESSIONS_NOT_RELATED}" value="enabled" />
+		<c:forEach var="entry" items="${typeSuppressionsNotRelated}">
+			<tr class="editformcell">
+				<td valign="top" colspan="5">${i18n.text('suppress_operation_for_unrelated_individuals_of_this_class', entry.key)}<br /> 
+					<c:set var="operationLowercase" value="${fn:toLowerCase(entry.key)}" />
+					<c:forEach var="role" items="${entry.value}">
+						<input id="typeSuppressionNotRelated${operationLowercase}${role.label}"
+							type="checkbox" name="typeSuppressionNotRelated${operationLowercase}Roles"
+							value="${role.uri}" ${role.granted?'checked':''}
+							${role.enabled?'':'disabled'} />
+						<label class="inline" for="${operationLowercase}${role.label}">${role.label}</label>
+					</c:forEach>
+				</td>
+			</tr>
+			<tr>
+				<td colspan="5">
+					<hr class="formDivider" />
+				</td>
+			</tr>
+		</c:forEach>
+	</c:if>
+	<!-- Type suppressions (not related) end -->
 </c:if>
 <!-- Permissions End -->
+
 <tr class="editformcell">
 	<!--td valign="top" colspan="1">
 		<b>Display Limit</b><br/>
diff --git a/webapp/src/main/webapp/templates/freemarker/body/search/search-pagedResults.ftl b/webapp/src/main/webapp/templates/freemarker/body/search/search-pagedResults.ftl
index 4300450944..f758de98b1 100644
--- a/webapp/src/main/webapp/templates/freemarker/body/search/search-pagedResults.ftl
+++ b/webapp/src/main/webapp/templates/freemarker/body/search/search-pagedResults.ftl
@@ -31,15 +31,15 @@ ${headScripts.add('<script type="text/javascript" src="${urls.base}/bootstrap-5.
     <#if (pagingLinks?size > 0)>
         <div class="searchpages">
             ${i18n().pages}:
-            <#if prevPage??><a class="prev" href="${prevPage}" title="${i18n().previous}">${i18n().previous}</a></#if>
+            <#if prevPage??><a class="prev" href="${prevPage?html}" title="${i18n().previous}">${i18n().previous}</a></#if>
             <#list pagingLinks as link>
                 <#if link.url??>
-                    <a href="${link.url}" title="${i18n().page_link}">${link.text}</a>
+                    <a href="${link.url?html}" title="${i18n().page_link}">${link.text?html}</a>
                 <#else>
-                    <span>${link.text}</span> <#-- no link if current page -->
+                    <span>${link.text?html}</span> <#-- no link if current page -->
                 </#if>
             </#list>
-            <#if nextPage??><a class="next" href="${nextPage}" title="${i18n().next_capitalized}">${i18n().next_capitalized}</a></#if>
+            <#if nextPage??><a class="next" href="${nextPage?html}" title="${i18n().next_capitalized}">${i18n().next_capitalized}</a></#if>
         </div>
     </#if>
 </#macro>
@@ -47,17 +47,17 @@ ${headScripts.add('<script type="text/javascript" src="${urls.base}/bootstrap-5.
 <#macro printResultNumbers>
 	<h2 class="searchResultsHeader">
 	<#escape x as x?html>
-	    ${hitCount} ${i18n().results_found} 
+	    ${i18n().results_found(hitCount)} 
 	</#escape>
 	<script type="text/javascript">
 		var url = window.location.toString();
 		if (url.indexOf("?") == -1){
-			var queryText = 'querytext=${querytext}';
+			var queryText = 'querytext=${querytext?js_string}';
 		} else {
 			var urlArray = url.split("?");
 			var queryText = urlArray[1];
 		}
-	
+
 		var urlsBase = '${urls.base}';
 		
 		$("input:radio").on("click",function (e) {
@@ -266,14 +266,18 @@ ${headScripts.add('<script type="text/javascript" src="${urls.base}/bootstrap-5.
 	<#if sorting?has_content>
 		<div>
 			<select form="search-form" name="sort" id="search-form-sort" onchange="this.form.submit()" >
-				<option value="">${i18n().search_results_sort_by} ${i18n().search_results_relevance}</option>
+			    <#assign addDefaultOption = true>
 				<#list sorting as option>
 					<#if option.selected>
-						<option value="${option.id}" selected="selected">${i18n().search_results_sort_by} ${option.label}</option>
+						<option value="${option.id}" selected="selected">${i18n().search_results_sort_by(option.label)}</option>
+						<#assign addDefaultOption = false>
 					<#else>
-						<option value="${option.id}" >${i18n().search_results_sort_by} ${option.label}</option>
+						<option value="${option.id}" >${i18n().search_results_sort_by(option.label)}</option>
 					</#if>
 				</#list>
+				<#if addDefaultOption>
+					<option disabled selected value="" style="display:none">${i18n().search_results_sort_by('')}</option>
+				</#if>
 			</select>
 		</div>
 	</#if>
@@ -284,9 +288,9 @@ ${headScripts.add('<script type="text/javascript" src="${urls.base}/bootstrap-5.
 	<select form="search-form" name="hitsPerPage" id="search-form-hits-per-page" onchange="this.form.submit()">
 		<#list hitsPerPageOptions as option>
 			<#if option == hitsPerPage>
-				<option value="${option}" selected="selected">${option} ${i18n().search_results_per_page}</option>
+				<option value="${option}" selected="selected">${i18n().search_results_per_page(option)}</option>
 			<#else>
-				<option value="${option}">${option} ${i18n().search_results_per_page}</option>
+				<option value="${option}">${i18n().search_results_per_page(option)}</option>
 			</#if>
 		</#list>
 	</select>
@@ -299,7 +303,7 @@ ${headScripts.add('<script type="text/javascript" src="${urls.base}/bootstrap-5.
 	<#else>
 		<li class="form-group-tab nav-item">
 	</#if>
-			<a data-toggle="tab" class="nav-link" href="#${group.id}" id="${group.id}-tab" data-bs-toggle="tab" data-bs-target="#${group.id}" type="button" role="tab" aria-controls="${group.id}" aria-selected="false">${group.label}</a>
+			<a data-toggle="tab" class="nav-link" href="#${group.id?html}" id="${group.id?html}-tab" data-bs-toggle="tab" data-bs-target="#${group.id?html}" type="button" role="tab" aria-controls="${group.id?html}" aria-selected="false">${group.label?html}</a>
 		</li>
 </#macro>
 
@@ -309,12 +313,12 @@ ${headScripts.add('<script type="text/javascript" src="${urls.base}/bootstrap-5.
 		<#return>
 	</#if>
 		<li class="filter-tab">
-			<a data-toggle="tab" class="nav-link" href="#${filter.id}" id="${filter.id}-tab" data-bs-toggle="tab" data-bs-target="#${filter.id}" type="button" role="tab" aria-controls="${filter.id}" aria-selected="false">${filter.name}</a>
+			<a data-toggle="tab" class="nav-link" href="#${filter.id?html}" id="${filter.id?html}-tab" data-bs-toggle="tab" data-bs-target="#${filter.id?html}" type="button" role="tab" aria-controls="${filter.id?html}" aria-selected="false">${filter.name?html}</a>
 		</li>
 </#macro>
 
 <#macro printFilterValues filter assignedActive isEmptySearch>
-		<div id="${filter.id}" class="tab-pane fade filter-area">
+		<div id="${filter.id?html}" class="tab-pane fade filter-area">
 			<#if filter.id == "querytext">
 			<#-- skip query text filter -->
 			<#elseif filter.type == "RangeFilter">
@@ -355,22 +359,22 @@ ${headScripts.add('<script type="text/javascript" src="${urls.base}/bootstrap-5.
 	<#assign from = filter.fromYear >
 	<#assign to = filter.toYear >
 
-	<div class="range-filter" id="${filter.id}" class="tab-pane fade filter-area">
-		<div class="range-slider-container" min="${filter.min}" max="${filter.max}">
+	<div class="range-filter" id="${filter.id?html}" class="tab-pane fade filter-area">
+		<div class="range-slider-container" min="${filter.min?html}" max="${filter.max?html}">
 			<div class="range-slider"></div>
 			${i18n().from}
 			<#if from?has_content>
-				<div class="range-slider-start">${from}</div>
+				<div class="range-slider-start">${from?html}</div>
 			<#else>
-				<div class="range-slider-start">${min}</div>
+				<div class="range-slider-start">${min?html}</div>
 			</#if>
 			${i18n().to}
 			<#if to?has_content>
-				<div class="range-slider-end">${to}</div>
+				<div class="range-slider-end">${to?html}</div>
 			<#else>
-				<div class="range-slider-end">${max}</div>
+				<div class="range-slider-end">${max?html}</div>
 			</#if>
-			<input form="search-form" id="filter_range_${filter.id}" style="display:none;" class="range-slider-input" name="filter_range_${filter.id}" value="${filter.rangeInput}"/>
+			<input form="search-form" id="filter_range_${filter.id?html}" style="display:none;" class="range-slider-input" name="filter_range_${filter.id?html}" value="${filter.rangeInput?html}"/>
 		</div>
 	</div>
 </#macro>
@@ -381,7 +385,7 @@ ${headScripts.add('<script type="text/javascript" src="${urls.base}/bootstrap-5.
 	<#if !filter.localizationRequired>
 		<#assign label = filter.name + " : " + value.id >
 	</#if>
-	<#return "<label for=\"" + getValueID(filter.id, valueNumber) + "\">" + getValueLabel(label, value.count) + "</label>" />
+	<#return "<label for=\"" + getValueID(filter.id, valueNumber)?html + "\">" + getValueLabel(label, value.count)?html + "</label>" />
 </#function>
 
 <#function getLabel valueID value filter additional=false >
@@ -393,24 +397,24 @@ ${headScripts.add('<script type="text/javascript" src="${urls.base}/bootstrap-5.
 	<#if additional=true>
 		<#assign additionalClass = "additional-search-options hidden-search-option" >
 	</#if>
-	<#return "<label class=\"" + additionalClass + "\" for=\"" + getValueID(filter.id, valueNumber) + "\">" + getValueLabel(label, value.count) + "</label>" />
+	<#return "<label class=\"" + additionalClass + "\" for=\"" + getValueID(filter.id, valueNumber)?html + "\">" + getValueLabel(label, value.count)?html + "</label>" />
 </#function>
 
 
 <#macro userSelectedInput filter>
 	<#if filter.inputText?has_content>
-		<button form="search-form" type="button" id="button_filter_input_${filter.id}" onclick="clearInput('filter_input_${filter.id}')" class="checked-search-input-label">${filter.name} : ${filter.inputText}</button>
+		<button form="search-form" type="button" id="button_filter_input_${filter.id?html}" onclick="clearInput('filter_input_${filter.id?js_string?html}')" class="checked-search-input-label">${filter.name?html} : ${filter.inputText?html}</button>
 	</#if>
 	<#assign from = filter.fromYear >
 	<#assign to = filter.toYear >
 	<#if from?has_content && to?has_content >
 		<#assign range = i18n().from + " " + from + " " + i18n().to + " " + to >
-		<button form="search-form" type="button" id="button_filter_range_${filter.id}" onclick="clearInput('filter_range_${filter.id}')" class="checked-search-input-label">${filter.name} : ${range}</button>
+		<button form="search-form" type="button" id="button_filter_range_${filter.id?html}" onclick="clearInput('filter_range_${filter.id?js_string?html}')" class="checked-search-input-label">${filter.name?html} : ${range?html}</button>
 	</#if>
 </#macro>
 
 <#macro createUserInput filter>
-	<input form="search-form" id="filter_input_${filter.id}"  placeholder="${i18n().search_field_placeholder}" class="search-vivo" type="text" name="filter_input_${filter.id}" value="${filter.inputText}" autocapitalize="none" />
+	<input form="search-form" id="filter_input_${filter.id?html}"  placeholder="${i18n().search_field_placeholder}" class="search-vivo" type="text" name="filter_input_${filter.id?html}" value="${filter.inputText?html}" autocapitalize="none" />
 </#macro>
 
 <#function getInput filter filterValue valueID valueNumber>
@@ -429,7 +433,7 @@ ${headScripts.add('<script type="text/javascript" src="${urls.base}/bootstrap-5.
 		<#assign filterName = filterName + "_" + valueNumber >
 	</#if>
 
-	<#return "<input form=\"search-form\" type=\"" + type + "\" id=\"" + valueID?html + "\"  value=\"" + filter.id + ":" + filterValue.id 
+	<#return "<input form=\"search-form\" type=\"" + type + "\" id=\"" + valueID?html + "\"  value=\"" + filter.id?html + ":" + filterValue.id?html 
 		+ "\" name=\"filters_" + valueID?html + "\" style=\"display:none;\" " + checked + "\" class=\"" + class + "\" >" />
 </#function>
 
diff --git a/webapp/src/main/webapp/templates/freemarker/page/partials/search.ftl b/webapp/src/main/webapp/templates/freemarker/page/partials/search.ftl
index 159a41c65e..87b843ebff 100644
--- a/webapp/src/main/webapp/templates/freemarker/page/partials/search.ftl
+++ b/webapp/src/main/webapp/templates/freemarker/page/partials/search.ftl
@@ -3,7 +3,7 @@
 <div id="searchBlock">
     <form id="searchForm" action="${urls.search}" accept-charset="UTF-8" method="GET">
         <label for="search">${i18n().search_button}</label>
-        <input type="text" name="querytext" id="filter_input_querytext" class="search-form-item" value="${querytext!}" size="20" autocapitalize="off" />
+        <input type="text" name="querytext" id="filter_input_querytext" class="search-form-item" value="${querytext!?html}" size="20" autocapitalize="off" />
         <input class="search-form-submit" name="submit" type="submit"  value="${i18n().search_button}" />
     </form>
 </div> <!-- end searchBlock -->
diff --git a/webapp/src/main/webapp/themes/vitro/templates/search.ftl b/webapp/src/main/webapp/themes/vitro/templates/search.ftl
index f69eb809c8..dd509302e4 100644
--- a/webapp/src/main/webapp/themes/vitro/templates/search.ftl
+++ b/webapp/src/main/webapp/themes/vitro/templates/search.ftl
@@ -6,7 +6,7 @@
 
         <form id="search-form" action="${urls.search}" name="search" role="search" accept-charset="UTF-8" method="GET">
             <div id="search-field">
-                <input type="text" id="filter_input_querytext" name="querytext" class="search-vitro" value="${querytext!}" autocapitalize="off" />
+                <input type="text" id="filter_input_querytext" name="querytext" class="search-vitro" value="${querytext!?html}" autocapitalize="off" />
                 <input type="submit" value="${i18n().search_button}" class="search">
             </div>
         </form>