Streamlining governmental processes by putting citizens in control of their personal data

Governments typically store large amounts of personal information on their citizens, such as a home address, marital status, and occupation, to offer public services. Because governments consist of various governmental agencies, multiple copies of this data often exist. This raises concerns regarding data consistency, privacy, and access control, especially under recent legal frameworks such as GDPR. To solve these problems, and to give citizens true control over their data, we explore an approach using the decentralised Solid ecosystem, which enables citizens to maintain their data in personal data pods. We have applied this approach to two high-impact use cases, where citizen information is stored in personal data pods, and both public and private organisations are selectively granted access. Our findings indicate that Solid allows reshaping the relationship between citizens, their personal data, and the applications they use in the public and private sector. We strongly believe that the insights from this Flemish Solid Pilot can speed up the process for public administrations and private organisations that want to put the users in control of their data

The WebID Protocol Enhanced With Group Access, Biometrics, and Access Policies

The WebID protocol solves the challenge of remembering usernames and passwords. We enhance this protocol in three ways. First, we give it the ability to manage groups of agents and control their access to resources on the Web. Second, we add support for biometric access control to enhance security. Finally, we add support for OWL-based policies that may be federated and result in flexible access control

Ubiquitous Semantic Applications

As Semantic Web technology evolves many open areas emerge, which attract more research focus. In addition to quickly expanding Linked Open Data (LOD) cloud, various embeddable metadata formats (e.g. RDFa, microdata) are becoming more common. Corporations are already using existing Web of Data to create new technologies that were not possible before. Watson by IBM an artificial intelligence computer system capable of answering questions posed in natural language can be a great example. On the other hand, ubiquitous devices that have a large number of sensors and integrated devices are becoming increasingly powerful and fully featured computing platforms in our pockets and homes. For many people smartphones and tablet computers have already replaced traditional computers as their window to the Internet and to the Web. Hence, the management and presentation of information that is useful to a user is a main requirement for today’s smartphones. And it is becoming extremely important to provide access to the emerging Web of Data from the ubiquitous devices. In this thesis we investigate how ubiquitous devices can interact with the Semantic Web. We discovered that there are five different approaches for bringing the Semantic Web to ubiquitous devices. We have outlined and discussed in detail existing challenges in implementing this approaches in section 1.2. We have described a conceptual framework for ubiquitous semantic applications in chapter 4. We distinguish three client approaches for accessing semantic data using ubiquitous devices depending on how much of the semantic data processing is performed on the device itself (thin, hybrid and fat clients). These are discussed in chapter 5 along with the solution to every related challenge. Two provider approaches (fat and hybrid) can be distinguished for exposing data from ubiquitous devices on the Semantic Web. These are discussed in chapter 6 along with the solution to every related challenge. We conclude our work with a discussion on each of the contributions of the thesis and propose future work for each of the discussed approach in chapter 7

Social Multimedia Networks Behaviour Model & Architecture

People constantly use social multimedianetworks to communicate with one another, with usersmostly sharing data, such as photos and videos. Weexamine the motivations that drive colluders to formalliances over social networking platforms anddetermine how these groups create coalitions toadvance their interests. We also investigate thenetwork architectures that underlie social multimedianetworks and how these platforms circulate. Sucharchitectures are connected to different protocols,including WebID, Semantic Pingback andPubSubHubbub, to form a logical semantic circulatingsocial multimedia network that delivers a centralisedsocial network structure

Access Control in Linked Data Using WebID A Practical Approach Validated in a Lifelong Learning Use Case

ABSTRACT Linked Data technologies become increasingly important in many domains. Key factors for their breakthrough are security and trust. Classical means for access control lack granularity when parts of the Linked Data graph must be protected. The WebID, combining semantic web concepts with methods from certificate based authentication and authorization, seems promising to fulfill all requirements concerning security and trust in the semantic web. In the PerSemID project, we challenged the WebID technology with a fully implemented proof-of-concept (PoC) addressing a workflow coming from the domain of lifelong learning and student mobility. In our use case of study enrollment, we used WebIDs for authentication and to grant access to parts of triple stores, during cross domain triple store interactions to exchange data between stakeholders

Evaluation of Link Traversal Query Execution over Decentralized Environments with Structural Assumptions

To counter societal and economic problems caused by data silos on the Web, efforts such as Solid strive to reclaim private data by storing it in permissioned documents over a large number of personal vaults across the Web. Building applications on top of such a decentralized Knowledge Graph involves significant technical challenges: centralized aggregation prior to query processing is excluded for legal reasons, and current federated querying techniques cannot handle this large scale of distribution at the expected performance. We propose an extension to Link Traversal Query Processing (LTQP) that incorporates structural properties within decentralized environments to tackle their unprecedented scale. In this article, we analyze the structural properties of the Solid decentralization ecosystem that are relevant for query execution, and provide the SolidBench benchmark to simulate Solid environments representatively. We introduce novel LTQP algorithms leveraging these structural properties, and evaluate their effectiveness. Our experiments indicate that these new algorithms obtain accurate results in the order of seconds for non-complex queries, which existing algorithms cannot achieve. Furthermore, we discuss limitations with respect to more complex queries. This work reveals that a traversal-based querying method using structural assumptions can be effective for large-scale decentralization, but that advances are needed in the area of query planning for LTQP to handle more complex queries. These insights open the door to query-driven decentralized applications, in which declarative queries shield developers from the inherent complexity of a decentralized landscape.Comment: Not peer-reviewe

A Prospective Analysis of Security Vulnerabilities within Link Traversal-Based Query Processing (Extended Version)

The societal and economical consequences surrounding Big Data-driven platforms have increased the call for decentralized solutions. However, retrieving and querying data in more decentralized environments requires fundamentally different approaches, whose properties are not yet well understood. Link Traversal-based Query Processing (LTQP) is a technique for querying over decentralized data networks, in which a client-side query engine discovers data by traversing links between documents. Since decentralized environments are potentially unsafe due to their non-centrally controlled nature, there is a need for client-side LTQP query engines to be resistant against security threats aimed at the query engine's host machine or the query initiator's personal data. As such, we have performed an analysis of potential security vulnerabilities of LTQP. This article provides an overview of security threats in related domains, which are used as inspiration for the identification of 10 LTQP security threats. Each threat is explained, together with an example, and one or more avenues for mitigations are proposed. We conclude with several concrete recommendations for LTQP query engine developers and data publishers as a first step to mitigate some of these issues. With this work, we start filling the unknowns for enabling querying over decentralized environments. Aside from future work on security, wider research is needed to uncover missing building blocks for enabling true decentralization.Comment: This is an extended version of an article with the same title published in the proceedings of the QuWeDa workshop at ISWC 2022. Next to more details in the related work and conclusions sections, this extension introduces concrete mitigations of each vulnerabilit

Attribute-based Access Control on Solid Pods using Privacy-friendly Credentials

Our demo showcases how a user is granted access to resources stored on a Solid Pod, i. e., a web server that adheres to the Solid Protocol, using Web-based Verifiable Credentials. To protect the privacy of the user, we rely on the BBS+ signatures scheme allowing for selective disclosure of only those attributes necessary. We present a PWA where a user can (a) request a Verifiable Credential from another user, (b) store it on their own Solid Pod, and (c) use it to gain access to a resource on a third user’s Solid Pod

Towards a decentralised common data environment using linked building data and the solid ecosystem

With the emergence of Building Information Modelling (BIM), the construction industry is rapidly catching up with the digital revolution that has boosted productivity in virtually all economic sectors. In current practice, the focus of BIM lies on exchange of documents, often through proprietary formats exchanged using the Industry Foundation Classes (IFC). However, with web technologies such as RDF, OWL and SPARQL, a data- and web-based BIM paradigm becomes within reach. The decentralisation of data and decoupling of information and applications will enhance a more general adoption of Big Open BIM, and is expected to lower the BIM threshold for smaller companies that are active in different phases of the building life cycle. Since one of the promises of the Semantic Web and Linked Data is a highly improved interoperability between different disciplines, it is not necessary to reinvent the wheel for the setup of an infrastructure that supports such a network of decentralised tools and data. In this paper, we evaluate the specifications provided by the Solid project (Inrupt Inc.), a Linked Data-based ecosystem for Social Linked Data. Although the exemplary use case of the Solid ecosystem is decentralisation of data and applications for social network purposes, we notice a considerable overlap with recent ambitions and challenges for a web-based AECO industry (Architecture, Engineering, Construction and Operation). This includes standardised data representations, role- or actor-based authorisation and authentication and the need for modular and extensible applications, dedicated to a specific use case. After a brief introduction to Linked Data and its applications in the building industry, we discuss present solutions for building data management (Common Data Environments, multimodels, etc.). In order to translate these approaches towards a Linked Data context with minimal effort and maximal effect, we then review the Solid specifications for use in a construction-oriented web ecosystem. As a proof of concept, we discuss the setup of a web-service for creation and management of Linked Building Data, generated with the Solid-React generator. This application is envisaged as a bridge between the multiple data stores of different project stakeholders and the end user. It acts as an interface to a distributed Common Data Environment that also allows the generation of multi-models

Security Aspects in Web of Data Based on Trust Principles. A brief of Literature Review

Within scientific community, there is a certain consensus to define "Big Data" as a global set, through a complex integration that embraces several dimensions from using of research data, Open Data, Linked Data, Social Network Data, etc. These data are scattered in different sources, which suppose a mix that respond to diverse philosophies, great diversity of structures, different denominations, etc. Its management faces great technological and methodological challenges: The discovery and selection of data, its extraction and final processing, preservation, visualization, access possibility, greater or lesser structuring, between other aspects, which allow showing a huge domain of study at the level of analysis and implementation in different knowledge domains. However, given the data availability and its possible opening: What problems do the data opening face? This paper shows a literature review about these security aspects