vini p3

8/2/2019 vini p3

1/24

Copyright 2001-2004 Norman Sadeh

Semantic Web Technologies to

Reconcile Privacy and Context

Awareness

Norman M. SadehISRI- School of Computer Science

Carnegie Mellon University

Pittsburgh, PA - USA

8/2/2019 vini p3

2/24


Mobility Challenge

Can no longer assume the users undivided

attention

Time critical nature of many tasks

Limited input/output functionality

8/2/2019 vini p3

3/24


Context Awareness

All this argues for:

Higher levels of automation

Context awareness

True also in fixed Internet scenarios

8/2/2019 vini p3

4/24


Sources of Contextual Information A users context information is distributed across

a number of disparate resources

Calendar

Location tracking Address book

Buddy lists

Weather

Available resources vary from one user to another

and over time

e.g. roaming across different networks

8/2/2019 vini p3

5/24


Vision A growing collection of context-aware agents that

users can buy or subscribe to

Personal resources modeled as Semantic Web

services

Service profile

Each user has a Semantic eWallet Automated identification and access of a users

personal resources subject to privacy preferences

8/2/2019 vini p3

6/24


Semantic Web Approach

Ontologies to explicitly represent and reason about: Personal/Contextual Resources

Location tracking, calendar, organizationalresources, messaging resources, preferences, etc.

Contextual attributes

e.g. location, calendar activities, social ororganizational context, etc.

Preferences, incl. privacy preferences:

Access control preferences

Obfuscation rules

Web services

Automated service identification and access

8/2/2019 vini p3

7/24Copyright 2001-2004 Norman Sadeh

Personal Resource Ontology:

An ExamplePersonal

Resource

ActivityInformation

Resource

LocationInformation

ResourceList of Friends

Sprint PCS

Location Tracking

CMU LocationTracking

Microsoft OutlookCalendar

IS-A

INSTANCE

8/2/2019 vini p3


MyCampusProject

Motivation:

Campus as everyday life microcosm

Objective:

Enhance campus life through context-awareservices accessible over the WLAN

Methodology:

Involve stakeholders in the design Students and other members of the community

Evaluate and extrapolate to other environments

Mobile Commerce, Mobile Enterprise, etc.

8/2/2019 vini p3


Overall Architecture

Wireless

LAN

Calendar

LocationTracking

Internet and

Intranet Semantic

Web-enabled

Services

Task-Specific

Agents

e-Wallet

Users Personal

Environment

Social Context

Preferences

SemanticWeb-enabled

Context Resources

Personal ResourceDirectory

(incl. Privacy Pref.)

PersonalResource

Ontologies

Contextual

Ontologies

PersonalPreferenceOntologies

Service

Ontologies

Semantic Web

Service Directory

8/2/2019 vini p3


Semantic eWallet

Context-independent knowledge Name, email address, context-independent preferences

Context-dependent knowledge

When driving, I dont want to receive instant messages

Service invocation rules

Automated service identification and access

Map contextual attributes onto different resources (personaland public)

Privacy rules

Access control rules Only my classmates can see my location

Obfuscation rules

My classmates can only see the building I am in butnot the actual room

8/2/2019 vini p3


Location Tracking as Web Service

Location Tracking

as a Web Service

8/2/2019 vini p3


e-

Asserting elementary needs forauthorized information

Pre-checkaccess rights

Post-checkaccess rights

Fetch usefulstatic knowledge

Application ofobfuscation rules

Query contextassertionQuery

Assertion ofauthorized knowledge

Result

Call relevantexternal services

Example : Query from John inquiring about Marys location

the sender of the query is John

Johns query requires accessing Marys location

1.Is John allowed to see Marys location given what we knowabout the context of the query?

2.Mary said she only allows colleagues to see her location when

she is on campus3.John is a colleague of Mary

Access location tracking functionality or Marys calendar

Is Mary on campus?

Mary is willing to disclose the building but not the room she is in

Mary is in Smith Hall

8/2/2019 vini p3


FI

PAACLmessagesandOWLC

ontent

JADE platform

User InteractionAgent

Directory FacilitatorAgent (FIPA)

Agent ManagementAgent (FIPA)

e-Wallet ManagerAgent

OntologistAgent

Task-SpecificAgents

8/2/2019 vini p3


Directory FacilitatorAgent (FIPA)

Agent ManagementAgent (FIPA)

FI

PAACLmessagesandOWLC

ontent

User InteractionAgent

HTTP Request

e-Wallet ManagerAgent

OntologistAgent

Task-SpecificAgents JADE platform

8/2/2019 vini p3


privacyquery

answer

Design of an e-Wallet Three-layer architecture: security through

typing Core knowledge: User static & context-

sensitive knowledge

Service Layer: Automatic identification

and invocation of external sourcesof knowledge (e.g. public web services

and and personal resources)

Privacy layer: Enforces privacy rules

access control & obfuscation All facts represented in OWL

Backward chaining migration rules: privacyrules, service rules, static migration rules

serviceCore

Know-ledge

8/2/2019 vini p3


privacyquery

answer

e-

Design of an e-Wallet Three-layer architecture: security through

typing Core knowledge: user static & context-

sensitive knowledge

Service Layer: automatic identification

and invocation of personal and publicsemantic web services

Privacy layer: enforces privacy rules

access control obfuscation rules

Asserting elementary needs forauthorized information

Pre-checkaccess rights

Post-checkaccess rights

Fetch usefulstatic knowledge

Application ofobfuscation rules

Query contextassertionQuery

Assertion ofauthorized knowledge

Result

Call relevantexternal services

serviceCore

Know-

ledge

8/2/2019 vini p3


Implementation DetailsOWL

Meta-model

in CLIPSOntologyin OWL

Annotationin OWL

Rulein (R)OWL

Servicesin (W)OWL

Privacyin (S)OWL

Queryin (Q)OWL

Ontologystylesheet&Annotationstylesheet&

Rulestylesheet&

Servicestylesheet&

Privacystylesheet&

Querystylesheet&

Ontologyin CLIPS

Annotationin CLIPS

Rulein CLIPS

Service rulein CLIPS

Privacy rulein CLIPS

Query rulesin CLIPS

XSLT Engine

Resultin OWL

JESS

8/2/2019 vini p3


Visualizing & Editing Preferences

Visualizing & editing a privacy rule

8/2/2019 vini p3


Editing Based on Existing Ontologies

8/2/2019 vini p3


Obfuscation Example

User location finder

City block levelCity level level

8/2/2019 vini p3


Slide Projector Agent

8/2/2019 vini p3

22/24


Empirical Evaluation

Initial prototype working on Carnegie Mellons campus

Restaurant concierge agent, message filtering agent,etc.

Integration with calendar, location tracking, userprofile, etc.

Evaluation

Context awareness adds value

Requires access to a broad range of resources/attributes

Privacy concerns have to be addressed Additional validation on context-aware enterprise and DoD

applications

8/2/2019 vini p3

23/24


Concluding Remarks Context awareness helps overcome the limitations of

mobile devices and the time criticality of mobile

scenarios Context awareness makes privacy even more critical

Our experiments indicate that user preferences areoften complex

Incl. context-sensitive preferences Capturing these preferences is far from trivial

Default profiles, learning, dialogs,

How far can we go?

Semantic Web approach Allows for policies that refer to concepts

introduced in any number of domain-specificontologies

Opportunities for reconciliation with P3P/APPEL

8/2/2019 vini p3

24/24

C i h 2001 2004 S d h

Q&A

Source:http://www.firstmonday.org/issues/issue

4_9/odlyzko/index.html

Documents

vini p3