240 likes | 324 Views
Semantic Web Technologies to Reconcile Privacy and Context Awareness. Norman M. Sadeh ISRI- School of Computer Science Carnegie Mellon University Pittsburgh, PA - USA. Mobility Challenge. Can no longer assume the user’s undivided attention Time critical nature of many tasks
E N D
Semantic Web Technologies to Reconcile Privacy and Context Awareness Norman M. Sadeh ISRI- School of Computer Science Carnegie Mellon University Pittsburgh, PA - USA
Mobility Challenge • Can no longer assume the user’s undivided attention • Time critical nature of many tasks • Limited input/output functionality
Context Awareness • …All this argues for: • Higher levels of automation • Context awareness • …True also in fixed Internet scenarios
Sources of Contextual Information • A user’s context information is distributed across a number of disparate resources • Calendar • Location tracking • Address book • Buddy lists • Weather • Available resources vary from one user to another • …and over time • e.g. roaming across different networks
Vision • A growing collection of context-aware agents that users can buy or subscribe to • Personal resources modeled as Semantic Web services • Service profile • Each user has a Semantic eWallet • Automated identification and access of a user’s personal resources subject to privacy preferences
Semantic Web Approach • Ontologies to explicitly represent and reason about: • Personal/Contextual Resources • Location tracking, calendar, organizational resources, messaging resources, preferences, etc. • Contextual attributes • e.g. location, calendar activities, social or organizational context, etc. • Preferences, incl. privacy preferences: • Access control preferences • “Obfuscation” rules • Web services • Automated service identification and access
Personal Resource Ontology: An Example Personal Resource IS-A Location Information Resource Activity Information Resource List of Friends INSTANCE CMU Location Tracking Microsoft Outlook Calendar Sprint PCS Location Tracking
MyCampus Project • Motivation: • Campus as “everyday life microcosm” • Objective: • Enhance campus life through context-aware services accessible over the WLAN • Methodology: • Involve stakeholders in the design • Students and other members of the community • Evaluate and extrapolate to other environments • Mobile Commerce, Mobile Enterprise, etc.
Overall Architecture Personal Preference Ontologies Personal Resource Ontologies Contextual Ontologies Service Ontologies Semantic Web-enabled Context Resources Internet and Intranet Semantic Web-enabled Services User’s Personal Environment Calendar e-Wallet Personal Resource Directory (incl. Privacy Pref.) Location Tracking Semantic Web Service Directory Wireless LAN Social Context Preferences Task-Specific Agents
Semantic eWallet • Context-independent knowledge • Name, email address, context-independent preferences • Context-dependent knowledge • “When driving, I don’t want to receive instant messages” • Service invocation rules • Automated service identification and access • Map contextual attributes onto different resources (personal and public) • Privacy rules • Access control rules • “Only my classmates can see my location” • Obfuscation rules • “My classmates can only see the building I am in but not the actual room”
Location Tracking as Web Service Location Tracking as a Web Service
Example : Query from John inquiring about Mary’s location the sender of the query is John John’s query requires accessing Mary’s location Is John allowed to see Mary’s location given what we know about the context of the query? Mary said she only allows colleagues to see her location when she is on campus John is a colleague of Mary Access location tracking functionality or Mary’s calendar Is Mary on campus? Mary is willing to disclose the building but not the room she is in Mary is in Smith Hall Query context assertion Asserting elementary needs for authorized information Pre-check access rights Query Fetch usefulstatic knowledge Call relevant external services Post-checkaccess rights Result Application of obfuscation rules Assertion ofauthorized knowledge e-
User Interaction Agent FIPA ACL messages and OWL Content Directory Facilitator Agent (FIPA) Agent Management Agent (FIPA) e-Wallet Manager Agent Ontologist Agent Task-Specific Agents JADE platform
HTTP Request User Interaction Agent FIPA ACL messages and OWL Content Directory Facilitator Agent (FIPA) Agent Management Agent (FIPA) e-Wallet Manager Agent Ontologist Agent Task-Specific Agents JADE platform
privacy query service Core Know-ledge answer Design of an e-Wallet • Three-layer architecture: security through typing • Core knowledge: User static & context-sensitive knowledge • Service Layer: Automatic identification and invocation of external sourcesof knowledge (e.g. public web services and and personal resources) • Privacy layer: Enforces privacy rulesaccess control & obfuscation • All facts represented in OWL • Backward chaining migration rules: privacy rules, service rules, static migration rules
privacy query service Core Know-ledge answer Query context assertion Asserting elementary needs for authorized information Pre-check access rights Query Fetch usefulstatic knowledge Call relevant external services Post-checkaccess rights Result Application of obfuscation rules Assertion ofauthorized knowledge Design of an e-Wallet • Three-layer architecture: security through typing • Core knowledge: user static & context-sensitive knowledge • Service Layer: automatic identification and invocation of personal and public semantic web services • Privacy layer: enforces privacy rulesaccess control obfuscation rules e-
Ontology in OWL Ontology stylesheet Ontology in CLIPS & Annotation in OWL Annotation stylesheet Annotation in CLIPS & Rule in (R)OWL Rule stylesheet Rule in CLIPS & Services in (W)OWL Service stylesheet Service rule in CLIPS & Privacy in (S)OWL Privacy stylesheet Privacy rule in CLIPS & Query in (Q)OWL Query stylesheet Query rules in CLIPS Result in OWL & XSLT Engine JESS Implementation Details OWL Meta-model in CLIPS
Visualizing & Editing Preferences Visualizing & editing a privacy rule
Obfuscation Example • User location finder City level level City block level
Empirical Evaluation • Initial prototype working on Carnegie Mellon’s campus • Restaurant concierge agent, message filtering agent, etc. • Integration with calendar, location tracking, user profile, etc. • Evaluation • Context awareness adds value • Requires access to a broad range of resources/attributes • Privacy concerns have to be addressed • Additional validation on context-aware enterprise and DoD applications
Concluding Remarks • Context awareness helps overcome the limitations of mobile devices and the time criticality of mobile scenarios • Context awareness makes privacy even more critical • Our experiments indicate that user preferences are often complex • Incl. context-sensitive preferences • Capturing these preferences is far from trivial • Default profiles, learning, dialogs, • How far can we go? • Semantic Web approach • Allows for policies that refer to concepts introduced in any number of domain-specific ontologies • Opportunities for reconciliation with P3P/APPEL
Q&A Source:http://www.firstmonday.org/issues/issue4_9/odlyzko/index.html