Presentation
advertisement
Using Social Semantic Web Data for Privacy Policies Presentation of the Bachelor Thesis Emily Kigel Overview • Motivation: Privacy on the Social Web Why Privacy Protection? How It is Now How It could be • Contributions • Social Semantic Web Data for Policy Reasoning Policy-Based Access Control Policy Specification using Social Semantic Web Data • Implementation The Policy Framework Protune Including Social Semantic Web Data into Protune SPoX- a Use Case • Conclusions 2 Social Web Why Privacy Protection? 3 Unintended Dislosure 4 Information Overload chat messages received poked Private message s Comment s on personal data Posts on the Wall Tagged in photos Updates in groups Blog posts 5 Why Privacy Protection? • • • • Uncontrolled information disclosure Personal and sensitive data Invisible audience Different parts of the social environment of user dissolve Employers, job recruiters, collegues, family, etc. • Information overload 6 Privacy Protection How It is Now 7 Privacy Protection How It is Now • • • • Checkboxes Pre-defined Static Binary options 8 Privacy Protection How It is Now • Social Web applications – like islands • No external data integration in privacy settings possible hence, no usage of distributed (personal) Social data possible 9 Privacy Protection How It could be 10 Privacy Protection How It could be • Family pictures accessible by family and close friends (-> Flickr and Facebook) • Landscape pictures additionally accessible by Flickr group „France landscape“ Family.jpg Bob Landscape.jpg 11 Contributions of this thesis • Analysis of privacy settings of nowadays Social Web applications • Fine-grained privacy protection: Arbitrary access control decisions based on user preferences • Crossing boundaries of nowadays Social Web applications Exploiting Social Semantic Web data from various web information sources • Implementation using a policy language and integration into SPoX 12 Policy-Based Access Control 13 Privacy Policy for acces control allow(access(File, User)) isFamilyOrFriend(User), familyPicture(File). • Facts: isFamilyOrFriend(Tom), familyPicture(Dinner.jpg) • Goal: allow(access(File, User)) • Evaluation of goal successful/ unsuccessful -> access allowed/ denied 14 Policy-Based Access Control What are policies? • • • • • • Define behaviour of a system Base decisions on specific conditions Well-defined statements Typically declarative rules Formal syntax Different Types: Business rules Security and privacy rules 15 Policy Specification using Social Semantic Web Data 16 Policy Specification using Social Semantic Web Data • Extending policy specification process • Using external information sources • Incorporation of Social Semantic Web data; Retrieving data Including and combining data for privacy policies • Definition of social relationships and properties of requester • Conditions for access: Information beyond one Social Web application 17 Data Sources for Policy Decisions 1. Proprietary Social Web data Social Web applications Personal information provided by user User‘s social network User- generated content Data produced through active participation Open interfaces 2. Semantic Web data SPARQL endpoints Social Semantic Web data FOAF profiles Exporters of Social data from Social Web applications 18 The Definition of Concepts 19 The Definition of Concepts • • • • Categorize people Create appropriate groups Using concepts as conditions in policies A concept in Protune policy: MyFriendsFromUniversity(Person) 20 Example of a Concept isMyFriend(Person) isFriendOnFacebook(Person). isMyFriend(Person) isFriendOnFlickr(Person). isMyFriend(Person) isFriendOnTwitter(Person). 21 Bob‘s policy for holiday photos allow(access(Photo, User)) isTagged(Photo, `private´), familyAndCloseFriends(User). allow(access(Photo, User)) isTagged(Photo, `France´), isMyFriend(User). allow(access(Photo, User)) isTagged(Photo; `France´), isMemberInFlickrGroup(User, ``France Landscape´´). 22 Implementation The Policy Framework Protune 23 Protune Framework • Automates the policy evaluation and decision process • Communicates with environment • Enforces policies • Checks whether policy is satisfied • Permits / denies access 24 Protune Framework Architecture Social Semantic Web data Execution Handler: In charge of handling packages for external data. packages Wrappers 25 Implementation The IN- Predicate Using external information in policies: isFriendOnTwitter(Person) in([Person], twitterquery: isTwitterFriend("user_name")). 26 Including Social Semantic Web Data into Protune • Twitter API – Social Web data • Sparql endpoints (DBpedia, DBLP) – Semantic Web data • FOAF files (Flickr exporter) – Social Semantic Web data 27 SPARQL Endpoint Wrapper • • • • • Import of data in RDF format Access via SPARQL endpoints Processes SELECT queries DBpedia Wrapper DBLP Wrapper Is requester co-author of resource provider? Example policy isCoAuthor(Person) in([Person], dblpEndpoint: areCoAuthorsByRealName(``Won Kim´´, ``William Kelley´´)). 28 RDF Wrapper • Queries RDF files • Needs URL of FOAF profile • Example policy: isMyFOAFfriend(Person) in([Person], foafQuery: isPersonFriend(``John Smith´´, ``http://website.com/public/foaf.rdf´´)). • Flickr Wrapper Uses the Flickr exporter 29 Twitter Wrapper Queries Twitter Twitter API Protune needs access to Twitter account Authentication on Twitter- OAuth Example policy isMyTwitterFriend(Person) in([Person], twitterquery: isMemberOfFriendsList("user_name")). 30 SPoX- a Use Case • Integration of Protune into SPoX • Enforces policies upon Skype • Incorporates Social Semantic Web data • Privacy settings beyond boundaries of Skype • E.g. Only Flickr and Twitter friends can call on weekends 31 SPoX- a Use Case 32 Conclusion • Insufficient privacy settings of nowadays Social Web applications • Introduction of policy-based access control • Extending policy specification with Social Semantic Web data • Result: fine-grained privacy protection • Implementation using Protune and integration into SPoX Thank you for your attention. 33
