This document introduces a privacy preference manager for the social semantic web. It proposes a lightweight vocabulary called PPO for defining fine-grained privacy preferences over RDF data. PPO allows users to specify restrictions on what information is shared, conditions on when it is shared, access control privileges, and SPARQL queries to test requesters. The privacy preference manager applies these preferences to filter a user's FOAF profile when another user requests to view it. Future work aims to extend PPO's expressiveness and the manager's functionality.
A Privacy Preference Manager for the Social Semantic Web
1. Digital Enterprise Research Institute www.deri.ie
A Privacy Preference Manager for the Social Semantic Web
Owen Sacco and Alexandre Passant
firstname.lastname@deri.org
SPIM 2011 – Bonn, Germany Monday 24th October 2011
Copyright 2011 Digital Enterprise Research Institute. All rights reserved.
Enabling Networked Knowledge
2. Introduction
The increase in personal information shared on the Social Web has raised awareness about privacy
3. Introduction
A recent study [1] shows:
Privacy became a concern in Social Networks (SNs) when private news was publicly shared
SNs provided third parties with users' information
Most users are aware of privacy settings and have set them at least since 2009
[1] Danah Boyd and Eszter Hargittai. Facebook privacy settings: Who cares? First Monday, August 2010.
4. Current Limitations
Social Web applications provide system default privacy settings
5. Use Case
Protecting a FOAF based Social Network
Users feel more confident to publish their information
Users would be in full control
– Which specific information can be shared and to whom
Granting access based on interest and not only to friends in contact lists
– E.g. provide my phone number only to DERI colleagues without being in a friend or group list called DERI
6. PPO Overview
A lightweight vocabulary for defining fine-grained privacy preferences for RDF data
A privacy preference contains:
Which resource, statement or graph must be restricted
A condition that must be satisfied
The access control privilege (defined using WAC)
A SPARQL query that tests whether a user requesting information matches a graph pattern
7. PPO Overview
[Figure: the PPO class diagram, reconstructed as a list of properties with their ranges]
Restrictions (what a ppo:PrivacyPreference protects):
– ppo:appliesToResource → rdfs:Resource
– ppo:appliesToStatement → rdf:Statement
– ppo:appliesToNamedGraph → trix:Graph
Conditions, via ppo:hasCondition → ppo:Condition, which carries:
– ppo:resourceAsSubject → rdfs:Resource
– ppo:resourceAsObject → rdfs:Resource
– ppo:classAsSubject → rdfs:Class
– ppo:classAsObject → rdfs:Class
– ppo:hasLiteral → rdfs:Literal
– ppo:hasProperty → rdf:Property
Access test queries, via ppo:hasAccessSpace → ppo:AccessSpace, which carries:
– ppo:hasAccessQuery → rdfs:Literal (this literal represents a SPARQL query as a string)
Access control privileges:
– ppo:hasAccess → acl:Access
8. PPO Overview
Example:
Provide my phone number only to DERI colleagues
# Turtle; the foaf: and acl: (W3C Web Access Control) prefixes the slide omits are declared here
@prefix ppo: <http://vocab.deri.ie/ppo#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
@prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix ex: <http://example.org/> .

ex:pp1 a ppo:PrivacyPreference ;
  ppo:hasCondition [ ppo:hasProperty foaf:phone ] ;
  ppo:hasAccess acl:Read ;
  # the access query is an opaque string: Turtle prefixes do not reach inside it,
  # so the SPARQL text must declare its own PREFIX for foaf:
  ppo:hasAccessSpace [ ppo:hasAccessQuery
    "PREFIX foaf: <http://xmlns.com/foaf/0.1/> ASK { ?x foaf:workplaceHomepage <http://www.deri.ie> }" ] .
9. PPO Formal Model
Definition 1: Restrictions
Resource
– Identified by its own URI
– Access assigned to a resource U propagates to every statement St in which U is the subject, predicate or object:
∀St(AssignAccess(U,A) ∧ (Subject(U,St) ∨ Predicate(U,St) ∨ Object(U,St)) ⇒ AssignAccess(St,A))
Statement
– Consists of <subject, predicate, object>
– A statement receives the access assigned to all three of its parts:
∀St((AssignAccess(S,A) ∧ AssignAccess(P,A) ∧ AssignAccess(O,A)) ∧ (Subject(S,St) ∧ Predicate(P,St) ∧ Object(O,St)) ⇒ AssignAccess(St,A))
10. PPO Formal Model
Named Graph
– A name denoted by a URI
– A set of statements mapped to this name
– Access assigned to the named graph NG propagates to every statement in it:
∀St(AssignAccess(NG,A) ∧ RDFGraph(St,NG) ⇒ AssignAccess(St,A))
11. PPO Formal Model
Definition 2: Conditions
Resource As Subject
– A resource’s URI identified as a statement’s Subject
∀St(AssignAccess(U,A) ∧ Subject(U,St) ⇒ AssignAccess(St,A))
Resource As Object
– A resource’s URI identified as a statement’s Object
∀St(AssignAccess(U,A) ∧ Object(U,St) ⇒ AssignAccess(St,A))
12. PPO Formal Model
Class As Subject
– An instance of a class defined as a statement's Subject
∀St(AssignAccess(C,A) ∧ RDFType(U,C) ∧ Subject(U,St) ⇒ AssignAccess(St,A))
Class As Object
– An instance of a class defined as a statement's Object
∀St(AssignAccess(C,A) ∧ RDFType(U,C) ∧ Object(U,St) ⇒ AssignAccess(St,A))
13. PPO Formal Model
Definition 3: Access Control Privilege
An access control privilege defines the read and/or write privilege
AccessControl = {read, write}
Definition 4: Access Space
Contains access queries that check whether a requester satisfies specific attributes
AccessSpace = {accessquery_1, ..., accessquery_n}
14. PPO Formal Model
Definition 5: A Privacy Preference
The set of all: Restrictions, Conditions, AccessControl and AccessSpace
PrivacyPreference ⊆ Restrictions ∪ Conditions ∪ AccessControl ∪ AccessSpace
15. PPO Formal Model
Definition 6: Applying Privacy Preferences
A requester requests personal information
This request is matched to the correct privacy preference
– i.e. via the restrictions: a preference P applies when the requested statement, resource or named graph falls under it
∀P((Statement(St,P) ∨ Resource(R,P) ∨ NamedGraph(NG,P)) ⇒ ApplyPrivacyPreference(P))
A mapping is done between the restricted statements (RS) and the condition statements (CS)
M : RestrictedStatements(RS) → ConditionStatements(CS)
16. PPO Formal Model
If M = false THEN ¬ApplyPrivacyPreference(P)
If ApplyPrivacyPreference(P), AccessSpace(Q) is executed on the requester's information
If AccessSpace(Q) = true THEN AccessControl(A) is granted to the requester
17. MyPrivacyManager
MyPrivacyManager provides two main tasks:
A user creates his/her privacy preferences
A requester logs in to the other user's MyPrivacyManager, which in turn shows a faceted profile
– filtered based on the privacy preferences
[Figure: User A creates Privacy Preferences in MyPrivacyManager over a Private FOAF Profile; User B, the Requester, logs in with WebID and is shown the filtered profile]
18. MyPrivacyManager
[Figure: MyPrivacyManager architecture, preference creation. The user logs in through the WebID Authenticator, which confirms the SSL certificate with the foafssl.org WebID Authentication Service; the RDF Data Retriever & Parser requests the user's FOAF data from the Social Semantic Web; the Privacy Preferences Creator in the User Interface stores the created Privacy Preferences, which the Privacy Enforcer later applies]
20. MyPrivacyManager
# Turtle. The slide omits these prefixes: dc: is bound to DCMI Terms, which defines both title and
# created; the empty prefix used by :Statement1 and :Statement2 is bound to the ex: base (an assumption)
@prefix ppo: <http://vocab.deri.ie/ppo#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
@prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix dc: <http://purl.org/dc/terms/> .
@prefix ex: <http://vmuss13.deri.ie/> .
@prefix : <http://vmuss13.deri.ie/> .

# Provenance information
ex:preference1 a ppo:PrivacyPreference ;
  foaf:maker <http://foaf.me/ppm_usera#me> ;
  dc:title "Restricting access to my personal information" ;
  dc:created "2011-06-01T13:32:59+02:00" ;
  # Restrictions: the reified statements this preference protects
  ppo:appliesToStatement :Statement1, :Statement2 ;
  # Access control privilege (slide 8 writes the same privilege as ppo:hasAccess)
  ppo:assignAccess acl:Read ;
  # Access space: the query string declares its own PREFIX, since Turtle prefixes do not reach inside a literal
  ppo:hasAccessSpace [ ppo:hasAccessQuery
    "PREFIX foaf: <http://xmlns.com/foaf/0.1/> ASK { ?x foaf:workplaceHomepage <http://www.deri.ie> }" ] .

:Statement1 a rdf:Statement ;
  rdf:subject <http://vmuss13.deri.ie/foafprofiles/terraces#me> ;
  rdf:predicate <http://xmlns.com/foaf/0.1/name> ;
  rdf:object "Alexandre Passant" .

:Statement2 a rdf:Statement ;
  rdf:subject <http://vmuss13.deri.ie/foafprofiles/terraces#me> ;
  rdf:predicate <http://xmlns.com/foaf/0.1/nick> ;
  rdf:object "terraces" .
21. MyPrivacyManager
[Figure: MyPrivacyManager architecture, viewing a filtered profile. User B (the Requester) logs in through the WebID Authenticator, which confirms the SSL certificate with the foafssl.org WebID Authentication Service; the RDF Data Retriever & Parser requests the FOAF profiles of User A and User B; the Privacy Enforcer queries User A's Privacy Preferences, runs each AccessQuery against User B's RDF data and collects the result; the User Interface shows the Filtered FOAF Profile]
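The enforcement loop described by the formal model (Definitions 1, 2, 4 and 6) and by the Privacy Enforcer in the two architecture figures, written out here as an added Python example; it is not MyPrivacyManager's code. It assumes graphs as sets of (subject, predicate, object) string tuples, preferences as dicts naming the PPO terms they use, access queries limited to a SPARQL ASK over one basic graph pattern (the only form the deck uses), deny by default for statements no preference governs (the deck does not say), and constructed sample data (the phone number, the colleague and outsider WebIDs and their FOAF triples). It also goes one step beyond the deck: the access query `ASK { ?x foaf:workplaceHomepage <http://www.deri.ie> }` leaves ?x unbound, so any resource in the requester's FOAF file satisfies it, including a friend the requester merely describes; the `self_claims_only` flag limits the query to statements whose subject is the authenticated WebID, one concrete form of the "assert trustworthiness of requester's data" item under Future Work.

```python
"""Minimal PPO enforcer: added example of Definitions 1, 2, 4 and 6, not MyPrivacyManager code.

Assumed representation: a graph is a set of (s, p, o) string tuples with full IRIs and
double-quoted literals; a preference is a dict naming the PPO terms it uses; an access
query is a SPARQL ASK over one basic graph pattern.
"""
import re

PPO = "http://vocab.deri.ie/ppo#"
FOAF = "http://xmlns.com/foaf/0.1/"
ACL = "http://www.w3.org/ns/auth/acl#"
RDF = "http://www.w3.org/1999/02/22-rdf-syntax-ns#"
PREFIXES = {"foaf": FOAF, "ppo": PPO, "acl": ACL, "rdf": RDF}
_TOKEN = re.compile(r'<[^>]*>|"[^"]*"|\?\w+|[A-Za-z_]\w*:[\w\-]*|\.')


def expand(term, prefixes):
    """'<iri>' -> iri, 'foaf:phone' -> full IRI; variables and literals pass through."""
    if term.startswith("<"):
        return term[1:-1]
    if term[0] in '?"':
        return term
    prefix, _, local = term.partition(":")
    return prefixes[prefix] + local


def parse_ask(query):
    """Parse 'PREFIX ... ASK { s p o . s p o }' into triple patterns (SPARQL subset)."""
    prefixes = dict(PREFIXES)
    prefixes.update(re.findall(r"PREFIX\s+(\w*):\s*<([^>]*)>", query))
    body = re.search(r"ASK\s*\{(.*)\}", query, re.S)
    if body is None:
        raise ValueError("only ASK over one basic graph pattern is supported")
    toks = [t for t in _TOKEN.findall(body.group(1)) if t != "."]
    if not toks or len(toks) % 3:
        raise ValueError("incomplete triple pattern")
    return [tuple(expand(t, prefixes) for t in toks[i:i + 3]) for i in range(0, len(toks), 3)]


def _unify(pattern, value, bindings):
    if not pattern.startswith("?"):
        return pattern == value
    if pattern in bindings:
        return bindings[pattern] == value
    bindings[pattern] = value
    return True


def ask(graph, patterns, bindings=None):
    """Evaluate a basic graph pattern by backtracking: True if any solution exists."""
    if not patterns:
        return True
    for triple in graph:
        b = dict(bindings or {})
        if all(_unify(p, v, b) for p, v in zip(patterns[0], triple)) and ask(graph, patterns[1:], b):
            return True
    return False


def in_scope(profile, pref):
    """Definitions 1, 2 and 6: restricted statements (RS) mapped onto condition statements (CS)."""
    types = {(s, o) for s, p, o in profile if p == RDF + "type"}
    kind, target = pref.get("appliesTo", ("namedGraph", None))   # no restriction: the whole profile graph

    def restricted(t):                                          # Definition 1
        return {"namedGraph": True, "statement": t == target, "resource": target in t}[kind]

    def holds(t, cond):                                         # Definition 2, one ppo:Condition property
        s, p, o = t
        name, value = cond
        return {"hasProperty": p == value, "resourceAsSubject": s == value, "resourceAsObject": o == value,
                "hasLiteral": o == value, "classAsSubject": (s, value) in types,
                "classAsObject": (o, value) in types}[name]

    return {t for t in profile if restricted(t) and all(holds(t, c) for c in pref.get("conditions", []))}


def filter_profile(profile, preferences, webid, requester_data, self_claims_only=True):
    """Definition 6: the statements of the profile the requester may read (deny by default).

    With self_claims_only the access query only sees statements whose subject is the authenticated
    WebID, so a friend's foaf:workplaceHomepage in the requester's file cannot satisfy an unbound ?x.
    """
    data = {t for t in requester_data if t[0] == webid} if self_claims_only else set(requester_data)
    visible = set()
    for pref in preferences:
        scope = in_scope(profile, pref)
        if not scope:
            continue                                            # M = false: preference does not apply
        if pref["access"] == ACL + "Read" and ask(data, parse_ask(pref["accessQuery"])):
            visible |= scope                                    # AccessSpace true: grant AccessControl
    return visible


# Constructed sample data. ME and the name/nick statements come from slide 20; the phone
# number and the two requester WebIDs with their triples are made up for this demo.
ME, DERI = "http://vmuss13.deri.ie/foafprofiles/terraces#me", "http://www.deri.ie"
PROFILE = {(ME, RDF + "type", FOAF + "Person"), (ME, FOAF + "name", '"Alexandre Passant"'),
           (ME, FOAF + "nick", '"terraces"'), (ME, FOAF + "phone", '"+353-91-000000"'),
           (ME, FOAF + "workplaceHomepage", DERI)}
DERI_ONLY = "PREFIX foaf: <%s> ASK { ?x foaf:workplaceHomepage <%s> }" % (FOAF, DERI)
PREFERENCES = [  # slide 8: phone via ppo:hasProperty; slide 20: name and nick via ppo:appliesToStatement
    {"conditions": [("hasProperty", FOAF + "phone")], "access": ACL + "Read", "accessQuery": DERI_ONLY},
    {"appliesTo": ("statement", (ME, FOAF + "name", '"Alexandre Passant"')), "access": ACL + "Read",
     "accessQuery": DERI_ONLY},
    {"appliesTo": ("statement", (ME, FOAF + "nick", '"terraces"')), "access": ACL + "Read",
     "accessQuery": DERI_ONLY},
]
COLLEAGUE, OUTSIDER = "http://example.org/colleague#me", "http://example.org/outsider#me"
REQUESTERS = {  # what the RDF Data Retriever would fetch after each requester's WebID login
    COLLEAGUE: {(COLLEAGUE, FOAF + "workplaceHomepage", DERI)},
    # says nothing about themselves, but lists a friend who works at DERI
    OUTSIDER: {(OUTSIDER, FOAF + "knows", COLLEAGUE), (COLLEAGUE, FOAF + "workplaceHomepage", DERI)},
}


def visible_predicates(webid, self_claims_only=True):
    """Local names of the predicates shown to the requester, sorted (demo helper)."""
    shown = filter_profile(PROFILE, PREFERENCES, webid, REQUESTERS[webid], self_claims_only)
    return sorted(p.rsplit("/", 1)[-1] for _, p, _ in shown)
```

`visible_predicates(COLLEAGUE)` yields name, nick and phone; rdf:type and workplaceHomepage are withheld because no preference governs them. The outsider gets nothing, but with `self_claims_only=False` the friend's DERI triple in their own file satisfies the unbound ?x and unlocks all three. Even with the flag on, the requester still controls what their profile asserts about them; that is the trust problem the deck leaves to future work.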
22. Future Work
Extending PPO:
Conjunctive and disjunctive properties for Conditions
Specify the type of environment, i.e. closed or open environment
Cater for more fuzziness in privacy preferences
– Example: allow access to my party invite to all those that live (have coordinates) around Galway
Extending MyPrivacyManager:
Grouping of interests under categories
Assert trustworthiness of source and requester’s data
23. Links
PPO Namespace URI: http://vocab.deri.ie/ppo#
Screencasts
Creating Privacy Preferences: http://bit.ly/p0N1Vi
Viewing Filtered FOAF Profiles: http://bit.ly/qiAdxT