View
0
Download
0
Category
Preview:
Citation preview
SPECIAL (a Scalable Policy-awarE linked data arChitecturefor prIvacy, trAnsparency and compLiance)Axel Polleres, Vienna University of Economics and Business (WU Wien)
MyData 2017, Tallinn/Helsinki
30/08/2017
ProjectLaunch:
Where I am coming from, collaborators…
§ Privacy & Sustainable Computing Lab§ http://www.privacylab.at/§ Launched September 2016, launch event with various important stakeholders:
technologists, standardization, activists…§ Goal: setting new standards in research, education and practice to address ethical
issues in computing.
Prof. Sarah Spiekermann(co-founder)
Prof. AxelPolleres
(co-founder)
Dr. Sabrina Kirrane(Lab co-Director)
Dr. Benjamin Wagner (Lab co-Director)
Where I am coming from, collaborators…
§ Privacy & Sustainable Computing Lab§ http://www.privacylab.at/§ Launched September 2016, launch event with various important stakeholders:
technologists, standardization, activists…§ Goal: setting new standards in research, education and practice to address ethical
issues in computing.
§ What can we bring in here:§ Web Standards
§ Linked Data
§ Ontologies
§ Scalable Data Processing and Querying
Prof. Sarah Spiekermann(co-founder)
Dr. Sabrina Kirrane
(Lab Director)
Prof. AxelPolleres
(co-founder)
PrivacyintheEU:allabouttheupcomingGDPR,Howcanwesupportittechnically?…
2013 2014 2015 2016 2017 2018
Draftoftheregulation7/22/2012
Revisionsinthedraft3/12/2013
DiscussionsintheEUCouncil5/19/2014
EUCouncilfinalisesthechapters8/6/2015
Trilogue starts6/24/2015
Trilogueagrees12/17/2015
Comesintoforce5/15/2018
Data$&$Data$Driven$Services
Regulators
Companies/Service4Providers
Customers/Service4Users
Privacy4Preferences
LegalPolicies
Contracts/Terms4of4use
2017-2019(3years)
TheSPECIALproject:Objectives
§ Policymanagementframework§ Giveuserscontroloftheirpersonaldata§ Representaccess/usagepoliciesandlegislativerequirementsina
machinereadableformat
§ Transparencyandcomplianceframework§ Provideinformationonhowdataisprocessedand withwhomitissharedina
commonformat(RDF)viastandardinterfaces§ Allowsdatasubjectsaswellasregulatorstocheckcompliance(via
automatedreasoning)
§ Scalablepolicy-awareLinkedDataarchitecture§ Buildontopofthe BigDataEurope(BDE)platformscalabilityandelasticity
mechanisms§ ExtendedBDEwithrobustpolicy,transparencyand complianceprotocols
• BigDataEuropescalabilityandelasticity
• PrimeLife policylanguages,accesscontrolpolicies,releasepoliciesanddatahandlingpolicies
Payload'Data
Permissions
Semantifica
tion
Policy'ingestion
Compressio
n'&'Encryption
Persisting'policies'with''data:
“Sticky”'Policies
Policy>aware'Q
uerrying:Data'Subsets/Filtering'Policies
HDT
SPECIAL
APIs
User'Control
Dashboards
SPECIALTechnicalComponents:
SPECIALUseCases:
Anexamplescenario:
Data$&$Data$Driven$Services
Regulators
Companies/Service4Providers
Customers/Service4Users
Privacy4Preferences
LegalPolicies
Contracts/Terms4of4use
BeFit(ActivityTracking &Advertisement)
Sueusesactivitytrackingand
consentstoAds
Data$&$Data$Driven$Services
Regulators
Companies/Service4Providers
Customers/Service4Users
Privacy4Preferences
LegalPolicies
Contracts/Terms4of4use
Sue’sactivitytrackerismalfunctioning
sendsunwantedadbyalocalGymtoSue
Payload'Data
Permissions
Semantifica
tion
Policy'ingestion
Compressio
n'&'Encryption
Persisting'policies'with''data:
“Sticky”'Policies
Policy>aware'Q
uerrying:Data'Subsets/Filtering'PoliciesHDT
SPECIAL
APIs
User'Control
Dashboards
Transparencyledgerrevealsthatthead
wassentaccordingtoSue’sconsent
Policylayer allowsSuetorevokeherconsent
Allherdatagetsautomatically
deletedfromtheGym’sandtheBeFit’s
database
Scalableduetoadistributed
architecturebasedonencrypted,
compressedLinkedDataBeFit
Anexamplescenario:
SPECIALUseCases:
• 6monthsintotheproject:
• RecentPublications:• Self-EnforcingAccessControlforEncryptedLinkedData. JavierD.Fernández,Sabrina
Kirrane,AxelPolleres,andSimonSteyskal.ExtendedSemanticWebConference(ESWC 2017). May 2017
• TransparentPersonalDataProcessing:TheRoadAhead. Piero Bonatti,SabrinaKirrane,AxelPolleres,andRigo Wenning.TELERISE:3rdInternationalWorkshoponTEchnicalandLEgalaspectsofdatapRIvacyandSecurity. Sep 2017
• Nextdeliverablesforthcoming:• D1.3Policy,transparencyandcomplianceguidelines:RequirementsforanOntology
andPolicyLanguageforformalizingandreasoningaboutPoliciesandConsent• D1.4Technicalrequirements: Firstarchitectureblueprint,basedontheBigData-
Europearchitecture(https://www.big-data-europe.eu/)
• Communitybuilding,commonStandardsandBestPractices:PlannedW3CworkshopandCommunitygrouponLinkeddataVocabulariesforTransparencyandPrivacycontrols(plannedforearlyof2018)– Pleasejoinus!
SPECIALResultssofar:
• Self-EnforcingAccessControlforEncryptedLinkedData. JavierD.Fernández,SabrinaKirrane,AxelPolleres,andSimonSteyskal.ExtendedSemanticWebConference(ESWC 2017). May 2017
SPECIALResultssofar:
Payload'Data
Permissions
Semantifica
tion
Policy'ingestion
Compressio
n'&'Encryption
Persisting'policies'with''data:
“Sticky”'Policies
Policy>aware'Q
uerrying:Data'Subsets/Filtering'Policies
HDT
SPECIAL
APIs
User'Control
Dashboards
Securityandencrytionstillmissinginthe
LinkedDatastandardsStoringconsent,transparencyrecordsinRDFrequires technologytoharnessRDFwith:
• Queryable encryption
• Acces control
• Compression(buildontopofHDT)
• 6monthsintotheproject:
• RecentPublications:• Self-EnforcingAccessControlforEncryptedLinkedData. JavierD.Fernández,Sabrina
Kirrane,AxelPolleres,andSimonSteyskal.ExtendedSemanticWebConference(ESWC 2017). May 2017
• TransparentPersonalDataProcessing:TheRoadAhead. Piero Bonatti,SabrinaKirrane,AxelPolleres,andRigo Wenning.TELERISE:3rdInternationalWorkshoponTEchnicalandLEgalaspectsofdatapRIvacyandSecurity. Sep 2017
• Nextdeliverablesforthcoming:• D1.3Policy,transparencyandcomplianceguidelines:RequirementsforanOntology
andPolicyLanguageforformalizingandreasoningaboutPoliciesandConsent• D1.4Technicalrequirements: Firstarchitectureblueprint,basedontheBigData-
Europearchitecture(https://www.big-data-europe.eu/)
• Communitybuilding,commonStandardsandBestPractices:PlannedW3CworkshopandCommunitygrouponLinkeddataVocabulariesforTransparencyandPrivacycontrols(plannedforearlyof2018)– Pleasejoinus!
SPECIALResultssofar:
• TransparentPersonalDataProcessing:TheRoadAhead. Piero Bonatti,SabrinaKirrane,AxelPolleres,andRigo Wenning.TELERISE:3rdInternationalWorkshoponTEchnicalandLEgalaspectsofdatapRIvacyandSecurity. Sep 2017
SPECIALResultssofar:
Bottomline:Blockchain isONE
possibleimplementationofan
immutabletransparencylayer,butnottheonlyoption!
• 6monthsintotheproject:
• RecentPublications:• Self-EnforcingAccessControlforEncryptedLinkedData. JavierD.Fernández,Sabrina
Kirrane,AxelPolleres,andSimonSteyskal.ExtendedSemanticWebConference(ESWC 2017). May 2017
• TransparentPersonalDataProcessing:TheRoadAhead. Piero Bonatti,SabrinaKirrane,AxelPolleres,andRigo Wenning.TELERISE:3rdInternationalWorkshoponTEchnicalandLEgalaspectsofdatapRIvacyandSecurity. Sep 2017
• Nextdeliverablesforthcoming:• D1.3Policy,transparencyandcomplianceguidelines:RequirementsforanOntology
andPolicyLanguageforformalizingandreasoningaboutPoliciesandConsent• D1.4Technicalrequirements: Firstarchitectureblueprint,basedontheBigData-
Europearchitecture(https://www.big-data-europe.eu/)
• Communitybuilding,commonStandardsandBestPractices:PlannedW3CworkshopandCommunitygrouponLinkeddataVocabulariesforTransparencyandPrivacycontrols(plannedforearlyof2018)– Pleasejoinus!
SPECIALResultssofar:
• Nextdeliverablesforthcoming:• D1.3Policy,transparencyandcomplianceguidelines:RequirementsforanOntology
andPolicyLanguageforformalizingandreasoningaboutPoliciesandConsent• D1.4Technicalrequirements: Firstarchitectureblueprint,basedontheBigData-
Europearchitecture(https://www.big-data-europe.eu/)
• Communitybuilding,commonStandardsandBestPractices:PlannedW3CworkshopandCommunitygrouponLinkeddataVocabulariesforTransparencyandPrivacycontrols(plannedforearlyof2018)– Pleasejoinus!
SPECIALResultssofar:
e.g.W3CODRL/POE(2017)W3CPROV(2013)
15
Web:https://www.specialprivacy.eu/
Twitter:@specialprivacy
Privacy/DataProtectionCommunity
(Semantic)Web/LinkedDataCommunity
Lookingfwd tointeresting3dayshereinTallinn/Helsinki… …andhopetoseemanyofyouinVienna(21-25October)forhttp://iswc2017.semanticweb.org/
Last,butnotleast:
Recommended