Your SlideShare is downloading. ×
0
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
A Privacy Preference Manager for the Social Semantic Web
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

A Privacy Preference Manager for the Social Semantic Web

702

Published on

Current Social Web applications provide users with means to easily publish their personal information on the Web. However, once published, users cannot control how their data can be accessed apart …

Current Social Web applications provide users with means to easily publish their personal information on the Web. However, once published, users cannot control how their data can be accessed apart from applying generic preferences (such as “friends” or “family”). In this paper, we describe how we enable finer-grained privacy preferences using the Privacy Preference Ontology (PPO); a light-weight vocabulary for defining privacy settings on the Social Web. In particular, we describe the formal semantic model of PPO and also present MyPrivacyManager, a privacy preference manager that let users (1) create privacy preferences using the aforementioned ontology and (2) restrict access to their data to third-party users based on profile features such as interests, relationships and common attributes.

Published in: Education, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
702
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Digital Enterprise Research Institute www.deri.ie A Privacy Preference Manager for the Social Semantic Web Owen Sacco and Alexandre Passant firstname.lastname@deri.org SPIM 2011 – Bonn, Germany Monday 24th October 2011 Copyright 2011 Digital Enterprise Research Institute. All rights reserved. Enabling Networked Knowledge
  • 2. IntroductionDigital Enterprise Research Institute www.deri.ie  Increase in shared personal information on the Social Web raised awareness about privacy Enabling Networked Knowledge
  • 3. IntroductionDigital Enterprise Research Institute www.deri.ie  Recent Study1 shows:  Privacy became a concern in Social Networks (SN) when private news was publicly shared  SNs provided third party with user’s information  Most users are aware of privacy settings and have set them at least since 2009 1Danah Boyd and EszterHargittai. Facebook privacy settings. Who cares? First Monday. August 2010. Enabling Networked Knowledge
  • 4. Current LimitationsDigital Enterprise Research Institute www.deri.ie  Social Web applications provide system default privacy settings Enabling Networked Knowledge
  • 5. Use CaseDigital Enterprise Research Institute www.deri.ie  A FOAF based Social Network Network Protecting a FOAF based Social  Users feel more confident to publish their information  Users would be in full control – Which specific information can be shared and to whom  Granting access based on interest and not only to friends in contact lists – Eg: Provide my phone number only to DERI colleagues without being in a friend or group list called DERI Enabling Networked Knowledge
  • 6. PPO OverviewDigital Enterprise Research Institute www.deri.ie  A light weight vocabulary for defining fine-grained privacy preferences for RDF data  A privacy preference contains:  Which resource, statement or graph must be restricted  A condition that must be satisfied  The access control privilege (defined using WAC)  A SPARQL query that tests whether a user requesting information matches a graph pattern Enabling Networked Knowledge
  • 7. PPO OverviewDigital Enterprise Research Institute www.deri.ie ppo:PrivacyPreference ppo:hasAccessSpace ppo:AccessSpace ppo:hasAccessQuery This rdfs:Literal rdfs:Literal represents a SPARQL query as a String.ppo:appliesToResource ppo:appliesToStatement ppo:appliesToNamedGraph ppo:hasCondition ppo:hasAccess rdfs:Resource rdf:Statement trix:Graph ppo:Condition acl:Accessppo:resourceAsSubject ppo:resourceAsObject ppo:classAsSubject ppo:classAsObject ppo:hasLiteral ppo:hasProperty rdf:Propert rdfs:Resource rdfs:Resource rdfs:Class rdfs:Class rdfs:Literal yRestrictions Conditions Access Test Queries Access Control Privileges Enabling Networked Knowledge
  • 8. PPO OverviewDigital Enterprise Research Institute www.deri.ie  Example:  Provide my phone number only to DERI colleagues PREFIX ppo: <http://vocab.deri.ie/ppo#> . PREFIX ex: <http://example.org/> . ex:pp1 a ppo:PrivacyPreference; ppo:hasCondition [ ppo:hasPropertyfoaf:phone ]; ppo:hasAccessacl:Read; ppo:hasAccessSpace [ ppo:hasAccessQuery "ASK {?xfoaf:workplaceHomepage<http://www.deri.ie>}"]. Enabling Networked Knowledge
  • 9. PPO Formal ModelDigital Enterprise Research Institute www.deri.ie  Definition 1: Restrictions  Resource – Identified by its own URI ∀St(AssignAccess(U,A) ∧ (Subject(U,St) ∨ Predicate(U,St) ∨ Object(U,St)) ⇒ AssignAccess(St,A))  Statement – Consists of <subject, predicate, object> ∀St((AssignAccess(S,A) ∧ AssignAccess(P,A) ∧ AssignAccess(O,A)) ∧ (Subject(S,St) ∧ Predicate(P,St) ∧ Object(O,St)) ⇒ AssignAccess(St,A)) Enabling Networked Knowledge
  • 10. PPO Formal ModelDigital Enterprise Research Institute www.deri.ie  Named Graph – A name denoted by a URI – A set of statements mapped to this name ∀St(AssignAccess(NG,A) ∧ RDFGraph(St,NG) ⇒ AssignAccess(St,A)) Enabling Networked Knowledge
  • 11. PPO Formal ModelDigital Enterprise Research Institute www.deri.ie  Definition 2: Conditions  Resource As Subject – A resource’s URI identified as a statement’s Subject ∀St(AssignAccess(U,A) ∧ Subject(U,St) ⇒ AssignAccess(St,A))  Resource As Object – A resource’s URI identified as a statement’s Object ∀St(AssignAccess(U,A) ∧ Object(U,St) ⇒ AssignAccess(St,A)) Enabling Networked Knowledge
  • 12. PPO Formal ModelDigital Enterprise Research Institute www.deri.ie  Class As Subject – An instance of a class defined as a statement’s Subject ∀St(AssignAccess(C,A) ∧ RDFType(U,C) ∧ Subject(U,St) ⇒ AssignAccess(St,A))  Class As Object – An instance of a class defined as a statement’s Object ∀St(AssignAccess(C,A) ∧ RDFType(U,C) ∧ Object(U,St) ⇒ AssignAccess(St,A)) Enabling Networked Knowledge
  • 13. PPO Formal ModelDigital Enterprise Research Institute www.deri.ie  Definition 3: Access Control Privilege  An access control privilege defines the read and/or write privilege AccessControl = {read,write}  Definition 4: Access Space  Contains an access query that checks if a requester satisfies specific attributes AccessSpace = {accessquery1, ..., accessqueryn} Enabling Networked Knowledge
  • 14. PPO Formal ModelDigital Enterprise Research Institute www.deri.ie  Definition 5: A Privacy Preference  The set of all: Restrictions, Conditions, AccessControl and AccessSpace PrivacyPreference ⊆ Restrictions ∪ Conditions ∪ AccessControl ∪ AccessSpace Enabling Networked Knowledge
  • 15. PPO Formal ModelDigital Enterprise Research Institute www.deri.ie  Definition 6: Applying Privacy Preferences  A requester requests personal information  This request is matched to the correct privacy preference – i.e. the restrictions ∀P((Statement(St,P) ∨ Resource(R,P) ∨ NamedGraph(NG,P)) ⇒ ApplyPrivacyPreference(P))  A mapping is done between the restricted statements (RS) and the condition statements (CS) M : RestrictedStatements(RS) →ConditionStatements(CS) Enabling Networked Knowledge
  • 16. PPO Formal ModelDigital Enterprise Research Institute www.deri.ie  If M = false THEN ¬ApplyPrivacyPreference(P)  If ApplyPrivacyPreference(P), AccessSpace(Q) is executed on the requester’s information  If AccessSpace(Q) = true THEN AccessControl(A) is granted to the requester Enabling Networked Knowledge
  • 17. MyPrivacyManagerDigital Enterprise Research Institute www.deri.ie  MyPrivacyManager provides two main tasks:  A user creates his/her privacy preferences  A requester logs in to the other user’s MyPrivacyManager which in turn will view a faceted profile – filtered based on the privacy preferences User A MyPrivacy Manager WebID Private FOAF Profile User B Privacy Requester Preferences Enabling Networked Knowledge
  • 18. MyPrivacyManagerDigital Enterprise Research Institute www.deri.ie foafssl.org WebID Authentication Service Social Semantic Data SSL Certificate Confirmation Request RDF DATA MyPrivacyManager WebID FOAF URI RDF Data Retriever & Authenticator Parser SSL Certificate Confirmation FOAF Privacy Preferences Privacy Privacy Enforcer Logs In Preferences Preferences User Interface Created Created User Privacy Preferences Privacy Created Privacy Privacy Creator Preferences Preferences Privacy Preferences Preferences Enabling Networked Knowledge
  • 19. MyPrivacyManagerDigital Enterprise Research Institute Attributes www.deri.ie which aFOAF requester must satisfy (AccessQuery ) Enabling Networked Knowledge
  • 20. MyPrivacyManagerDigital Enterprise Research Institute www.deri.ie PREFIX ppo: <http://vocab.deri.ie/ppo#> . PREFIX ex: <http://vmuss13.deri.ie/> . Provenance ex:preference1 a ppo:PrivacyPreference; Information foaf:maker<http://foaf.me/ppm_usera#me>; Restrictions dc:title "Restricting access to my personal information”; dc:created "2011-06-01T13:32:59+02:00”; ppo:appliesToStatement :Statement1; :Statement1 rdf:subject<http://vmuss13.deri.ie/foafprofiles/terraces#me>; rdf:predicate<http://xmlns.com/foaf/0.1/name>; rdf:object "Alexandre Passant”; ppo:appliesToStatement :Statement2; :Statement2 rdf:subject<http://vmuss13.deri.ie/foafprofiles/terraces#me>; rdf:predicate<http://xmlns.com/foaf/0.1/nick>; rdf:object "terraces”; Access Space Access Control Privilege ppo:assignAccess acl:Read; ppo:hasAccessSpace [ ppo:hasAccessQuery "ASK { ?xfoaf:workplaceHomepage<http://www.deri.ie> }"]. Enabling Networked Knowledge
  • 21. MyPrivacyManagerDigital Enterprise Research Institute www.deri.ie FOAF Profiles foafssl.org WebID Authentication Service User B User A User A SSL Certificate Confirmation Request RDF DATA Request RDF DATA MyPrivacyManager WebID RDF Data Retriever & Authenticator Parser SSL Certificate Confirmation Query AccessQuery Result RDF Data Request Query Privacy Preferences Privacy Enforcer(Requester) Filtered Privacy Preferences Logs In User FOAF Data Preference Interface Filtered User B Privacy Preferences FOAF Creator Profile Enabling Networked Knowledge
  • 22. Future WorkDigital Enterprise Research Institute www.deri.ie  Extending PPO:  Conjunctive and disjunctive properties for Conditions  Specify the type of environment, i.e. closed or open environment  Cater for more fuzziness in privacy preferences – Example: Allow access to my party invite to all those that live (have coordinates) around Galway  Extending MyPrivacyManager:  Grouping of interests under categories  Assert trustworthiness of source and requester’s data Enabling Networked Knowledge
  • 23. LinksDigital Enterprise Research Institute www.deri.ie  PPO Namespace URI: http://vocab.deri.ie/ppo#  Screencasts  Creating Privacy Preferences: http://bit.ly/p0N1Vi  Viewing Filtered FOAF Profiles: http://bit.ly/qiAdxT Enabling Networked Knowledge

×