Serge Abiteboul, Alban Galland and a bunch of different people. Webdam, INRIA Saclay-Ile-de-France. Social Networks For Dummies, Or some clues about Distributed Knowledge Base with Privacy
Summary • Introduction • Definitions • Goal • Related works • Distributed Knowledge Base with Privacy • Ask-owner implementation • Indexed-DHT implementation • Friendly-Gossip Implementation • Declarative Expression of Privacy • Social Knowledge Mining • Demonstration • Conclusion
My definition of Social Network • Social Network: a (web) application where users store and consult data and interact with data of other users following explicit relationships • Some important notions • Users : people • Data : graph of XML documents, AXML • Data-management : storage, replication, query • Relationship
My definition of Privacy • Privacy: the fact that a user keeps control over her data and activity • Some important notions • Read and write permissions • Delegation of permissions • (Anonymity of activity) • (Anonymity of aggregated data)
Goal • Define and implement the basis for a distributed social network that guarantees access control • More precisely • Distributed knowledge base with access control • Declarative high level access control specification • Also • Social network application • Social knowledge mining
Related works • Social network • Some typically centralized SN systems with limited access control management • Some SN-specific applications • Some works on knowledge mining in SN • Distribution • Distributed Hash Table and indexing (KadoP) • Friend based P2P • Privacy • Access control and logic • Cryptography
Distributed Knowledge Base with Privacy • Access control lists at the principal level • A principal corresponds to a set of access rights and documents – e.g., a user or a group • Rights : read (query), append, write (delete), own (grant, revoke) • Some languages (logics) to speak about cryptography and communications • Signature, encryption • Time • Messages
Distributed Knowledge Base with Privacy • One can consider different architectures/ implementations • We focus on (1+) 3 • (Centralized system) • Ask-owner implementation • Indexed-DHT implementation • Friendly-Gossip implementation
Ask-owner implementation • Basic semantics [Figure: architecture diagram; labels: Ownership, Signed Instructions, Results]
Indexed-DHT implementation [Figure: architecture diagram; labels: Index, Ownership, Signed Instructions, Encrypted Results, Access]
Indexed-DHT implementation • Principals are no longer physically hosted by one machine; instead, data are distributed as posts on a P2P system with a DHT • Each post is signed and encrypted. Hosts: • Understand some meta-data • Do not understand the content they store • Three key kinds of posts: update (write or append), access and index
Indexed-DHT implementation • Update posts • q says (doc@q, tapply, T, C for q) where: • q : principal id • doc : document id • tapply : update timestamp • T : write or append • C for q : content encrypted by a reader public key • Write/Append right = signature private key • A host can easily check that it gets a valid post
Indexed-DHT implementation • Update posts • Read right = reader private key • A reader can check that she gets a valid version, or otherwise ask another host • In the general case, hosts exchange signatures on lists of posts • If you forget about append, replication can be replaced by time of validity and refresh
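The update-post checks described on the two slides above, as an added example that is not code from the slides or the Webdam project. Textbook RSA over fixed primes is a toy stand-in for a real signature and public-key encryption scheme; the field names follow the slide, while the function names and key values are assumptions.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys

def toy_keypair(p, q):
    """Textbook RSA from two fixed primes, returns (n, d). Toy only: no padding."""
    n = p * q
    return n, pow(E, -1, (p - 1) * (q - 1))

# Constructed keys built from Mersenne primes (never use such keys for real data).
# Holding WRITE_D is the write/append right; holding READ_D is the read right.
WRITE_N, WRITE_D = toy_keypair(2**89 - 1, 2**107 - 1)
READ_N, READ_D = toy_keypair(2**61 - 1, 2**127 - 1)

def digest(q, doc, t_apply, kind, cipher, n):
    """Hash every field of the post so meta-data and content are bound together."""
    msg = repr((q, doc, t_apply, kind, cipher)).encode()
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def make_post(q, doc, t_apply, kind, content):
    """Writer side: encrypt for the reader key, then sign with the write key."""
    m = int.from_bytes(content, "big")
    assert m < READ_N, "toy cipher only fits short contents"
    cipher = pow(m, E, READ_N)
    sig = pow(digest(q, doc, t_apply, kind, cipher, WRITE_N), WRITE_D, WRITE_N)
    return {"q": q, "doc": doc, "t": t_apply, "T": kind, "C": cipher, "sig": sig}

def host_accepts(post):
    """Host side: uses only the public write key and never sees the plaintext."""
    if post["T"] not in ("write", "append"):
        return False
    expected = digest(post["q"], post["doc"], post["t"], post["T"], post["C"], WRITE_N)
    return pow(post["sig"], E, WRITE_N) == expected

def read_document(posts):
    """Reader side: drop invalid posts, keep the latest write plus later appends."""
    valid = sorted((p for p in posts if host_accepts(p)), key=lambda p: p["t"])
    parts = []
    for p in valid:
        m = pow(p["C"], READ_D, READ_N)
        text = m.to_bytes((m.bit_length() + 7) // 8, "big")
        parts = [text] if p["T"] == "write" else parts + [text]
    return b"".join(parts)
```

Because the signature covers the timestamp and the ciphertext, a host or reader rejects an old post replayed with a newer tapply as well as a post whose encrypted content was altered.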
Indexed-DHT implementation • Access posts • q says tapply, (key for u), (u, R for q) where: • q : principal id • u : another principal • key : cryptographic key (explicit delegation) • R : access right (read, write, append, own) • Revocation : add time to post + full (or lazy) regeneration of dirty keys
Indexed-DHT implementation • Index posts • Balance between leak of information and efficiency of queries • May need more meta-data, like an encryption schema • Could be managed as regular update
Indexed-DHT implementation • Other versions depending on • Hierarchy of rights • Who can access the list of access controls of a principal • Some reasons to use a logic language for access control • Need a clear way to express the exchange of knowledge • Need to make some proofs
Friendly-Gossip Implementation [Figure: architecture diagram; labels: Ownership, Signed Instructions, Encrypted Results]
Declarative Expression of Privacy • Example • People who are tagged on one of my photos can see this photo • People who are friends of two of my friends can read my Wall • People who are best friends of mine can write on my Wall • Problems • Uncontrolled deduction • Fixpoint semantics
Social Knowledge Mining • Previous works • Recommendation: previous works at Yahoo! Research with Sihem Amer-Yahia • Corroboration (with Serge, Amelie and Pierre S.) • What remains in a distributed system with access control? • Introducing a higher level of semantics (belief…)
Demonstration • Some functionalities already implemented during Marilena Oita's internship • A user interface and global logic • Some parts of Distributed Knowledge Base with Privacy • Declarative Privacy is missing
Conclusion • This is work in progress • We are currently focusing on distributed knowledge base with access control, wondering if there is any link with knowledge management • Hidden behind trendy Social Networks, we believe there are real topics of research, in particular in distributed systems