Designing For Privacy Safe Data Sharing, via Semantic Web Architecture (a sketch)
A Privacy Preference Manager for the Social Semantic Web
-
Upload
owen-sacco -
Category
Education
-
view
114 -
download
0
description
Transcript of A Privacy Preference Manager for the Social Semantic Web
Copyright 2011 Digital Enterprise Research Institute. All rights reserved.
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
A Privacy Preference Manager for the Social
Semantic WebOwen Sacco and Alexandre Passant
[email protected] 2011 – Bonn, Germany Monday 24th October 2011
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
Introduction
Increase in shared personal information on the Social Web raised awareness about privacy
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
Introduction
Recent Study1 shows:
Privacy became a concern in Social Networks (SN) when private news was publicly shared
SNs provided third party with user’s information
Most users are aware of privacy settings and have set them at least since 2009
1Danah Boyd and Eszter Hargittai. Facebook privacy settings. Who cares? First Monday. August 2010.
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
Current Limitations
Social Web applications provide system default privacy settings
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
Use Case
A FOAF based Social Network
Users feel more confident to publish their information
Users would be in full control– Which specific information can be shared and to whom
Granting access based on interest and not only to friends in contact lists
– Eg: Provide my phone number only to DERI colleagues without being in a friend or group list called DERI
Protecting a FOAF based Social Network
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
PPO Overview
A light weight vocabulary for defining fine-grained privacy preferences for RDF data
A privacy preference contains: Which resource, statement or graph must be restricted A condition that must be satisfied The access control privilege (defined using WAC) A SPARQL query that tests whether a user requesting
information matches a graph pattern
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
PPO Overview
ppo:PrivacyPreference
ppo:hasLiteral
rdfs:Literal
rdfs:Resource
ppo:appliesToResource
rdf:Statement trix:Graph
ppo:AccessSpaceppo:hasAccessSpace
ppo:appliesToStatement ppo:appliesToNamedGraph
ppo:hasAccessQuery
ppo:Condition
rdf:Property
ppo:hasPropertyppo:classAsObjectppo:classAsSubjectppo:resourceAsObject
acl:Access
ppo:hasAccess
ppo:resourceAsSubject
ppo:hasCondition
Restrictions Conditions Access Test Queries Access Control Privileges
rdfs:Resource rdfs:Resource rdfs:Class rdfs:Class
rdfs:Literal
This rdfs:Literal represents a SPARQL query as a String.
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
Example: Provide my phone number only to DERI colleagues
PPO Overview
PREFIX ppo: <http://vocab.deri.ie/ppo#> .PREFIX ex: <http://example.org/> .
ex:pp1 a ppo:PrivacyPreference;
ppo:hasCondition [ ppo:hasProperty foaf:phone ];
ppo:hasAccess acl:Read;
ppo:hasAccessSpace [ ppo:hasAccessQuery "ASK {?x foaf:workplaceHomepage <http://www.deri.ie>}"].
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
PPO Formal Model
Definition 1: Restrictions Resource
– Identified by its own URI
∀St(AssignAccess(U,A) ∧ (Subject(U,St) ∨ Predicate(U,St) ∨ Object(U,St)) ⇒
AssignAccess(St,A))
Statement– Consists of <subject, predicate, object>
∀St((AssignAccess(S,A) ∧ AssignAccess(P,A) ∧ AssignAccess(O,A)) ∧ (Subject(S,St) ∧
Predicate(P,St) ∧ Object(O,St)) ⇒ AssignAccess(St,A))
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
PPO Formal Model
Named Graph– A name denoted by a URI– A set of statements mapped to this name
∀St(AssignAccess(NG,A) ∧ RDFGraph(St,NG) ⇒ AssignAccess(St,A))
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
PPO Formal Model
Definition 2: Conditions Resource As Subject
– A resource’s URI identified as a statement’s Subject
∀St(AssignAccess(U,A) ∧ Subject(U,St) ⇒ AssignAccess(St,A))
Resource As Object– A resource’s URI identified as a statement’s Object
∀St(AssignAccess(U,A) ∧ Object(U,St) ⇒ AssignAccess(St,A))
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
PPO Formal Model
Class As Subject– An instance of a class defined as a statement’s Subject
∀St(AssignAccess(C,A) ∧ RDFType(U,C) ∧ Subject(U,St) ⇒ AssignAccess(St,A))
Class As Object– An instance of a class defined as a statement’s Object
∀St(AssignAccess(C,A) ∧ RDFType(U,C) ∧ Object(U,St) ⇒ AssignAccess(St,A))
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
PPO Formal Model
Definition 3: Access Control Privilege An access control privilege defines the read and/or write
privilege
AccessControl = {read,write}
Definition 4: Access Space Contains an access query that checks if a requester
satisfies specific attributes
AccessSpace = {accessquery1, ..., accessqueryn}
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
PPO Formal Model
Definition 5: A Privacy Preference The set of all: Restrictions, Conditions, AccessControl
and AccessSpace
PrivacyPreference ⊆ Restrictions ∪ Conditions ∪ AccessControl ∪ AccessSpace
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
PPO Formal Model
Definition 6: Applying Privacy Preferences A requester requests personal information This request is matched to the correct privacy
preference– i.e. the restrictions
∀P((Statement(St,P) ∨ Resource(R,P) ∨ NamedGraph(NG,P)) ⇒ ApplyPrivacyPreference(P))
A mapping is done between the restricted statements (RS) and the condition statements (CS)
M : RestrictedStatements(RS) → ConditionStatements(CS)
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
PPO Formal Model
If M = false THEN ¬ApplyPrivacyPreference(P)
If ApplyPrivacyPreference(P), AccessSpace(Q) is executed on the requester’s information
If AccessSpace(Q) = true THEN AccessControl(A) is granted to the requester
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
MyPrivacyManager provides two main tasks: A user creates his/her privacy preferences A requester logs in to the other user’s
MyPrivacyManager which in turn will view a faceted profile
– filtered based on the privacy preferences
MyPrivacyManager
User BRequester
MyPrivacy ManagerPrivate FOAF Profile
Privacy Preferences
User A
WebID
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
MyPrivacyManager
WebID Authenticato
r
RDF Data Retriever & Parser
Privacy Preferences
Enforcer
Privacy Preferences
Creator
User Interface
Privacy Preferences
WebID Authentication Service
foafssl.org
User
SSL Certificate Confirmation
ConfirmationSSL Certificate
PrivacyPreferences
Created Privacy
Preferences
FOAF URI
Request RDF DATA
FOAF
Logs In
Created Privacy
Preferences
Social Semantic Data
MyPrivacyManager
Privacy Preferences
Created Privacy
Preferences
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
MyPrivacyManager
FOAF
Attributes which a
requester must satisfy
(AccessQuery)
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
MyPrivacyManager
PREFIX ppo: <http://vocab.deri.ie/ppo#> . PREFIX ex: <http://vmuss13.deri.ie/> .
ex:preference1 a ppo:PrivacyPreference;foaf:maker <http://foaf.me/ppm_usera#me>; dc:title "Restricting access to my personal information”;dc:created "2011-06-01T13:32:59+02:00”;
ppo:appliesToStatement :Statement1; :Statement1
rdf:subject <http://vmuss13.deri.ie/foafprofiles/terraces#me>;rdf:predicate <http://xmlns.com/foaf/0.1/name>;rdf:object "Alexandre Passant”;
ppo:appliesToStatement :Statement2; :Statement2
rdf:subject <http://vmuss13.deri.ie/foafprofiles/terraces#me>;rdf:predicate <http://xmlns.com/foaf/0.1/nick>;rdf:object "terraces”;
ppo:assignAccess acl:Read;
ppo:hasAccessSpace [ppo:hasAccessQuery "ASK { ?x foaf:workplaceHomepage <http://www.deri.ie>
}"].
Provenance Information
Restrictions
Access Control PrivilegeAccess Space
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
MyPrivacyManager
WebID Authenticato
r
RDF Data Retriever & Parser
Privacy Preferences
Enforcer
Privacy Preferences
Creator
User Interface
Privacy Preferences
WebID Authentication Service
foafssl.org
User B
SSL Certificate Confirmation
ConfirmationSSL Certificate
Request
Request RDF DATA
Logs In
Filtered FOAF Profile
User B
MyPrivacyManager
User A
Query
PrivacyPreference
Filtered FOAF Data
Query RDF Data
User A
AccessQuery Result
Request RDF DATA
FOAF Profiles
(Requester)
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
Future Work
Extending PPO: Conjunctive and disjunctive properties for Conditions Specify the type of environment, i.e. closed or open
environment Cater for more fuzziness in privacy preferences
– Example: Allow access to my party invite to all those that live (have coordinates) around Galway
Extending MyPrivacyManager: Grouping of interests under categories Assert trustworthiness of source and requester’s data
Digital Enterprise Research Institute www.deri.ie
Enabling Networked Knowledge
Links
PPO Namespace URI: http://vocab.deri.ie/ppo#
Screencasts Creating Privacy Preferences: http://bit.ly/p0N1Vi Viewing Filtered FOAF Profiles: http://bit.ly/qiAdxT