HDT crypt: Compression and Encryption of RDF Datasets

The publication and interchange of RDF datasets online has experienced significant growth in recent years, promoted by different but complementary efforts, such as Linked Open Data, the Web of Things and RDF stream processing systems. However, the current Linked Data infrastructure does not cater for the storage and exchange of sensitive or private data. On the one hand, data publishers need means to limit access to confidential data (e.g. health, financial, personal, or other sensitive data). On the other hand, the infrastructure needs to compress RDF graphs in a manner that minimises the amount of data that is both stored and transferred over the wire. In this paper, we demonstrate how HDT - a compressed serialization format for RDF - can be extended to cater for supporting encryption. We propose a number of different graph partitioning strategies and discuss the benefits and tradeoffs of each approach

Self-Enforcing Access Control for Encrypted RDF

The amount of raw data exchanged via web protocols is steadily increasing. Although the Linked Data infrastructure could potentially be used to selectively share RDF data with different individuals or organisations, the primary focus remains on the unrestricted sharing of public data. In order to extend the Linked Data paradigm to cater for closed data, there is a need to augment the existing infrastructure with robust security mechanisms. At the most basic level both access control and encryption mechanisms are required. In this paper, we propose a flexible and dynamic mechanism for securely storing and efficiently querying RDF datasets. By employing an encryption strategy based on Functional Encryption (FE) in which controlled data access does not require a trusted mediator, but is instead enforced by the cryptographic approach itself, we allow for fine-grained access control over encrypted RDF data while at the same time reducing the administrative overhead associated with access control management

Towards Querying in Decentralized Environments with Privacy-Preserving Aggregation

The Web is a ubiquitous economic, educational, and collaborative space. However, it also serves as a haven for personal information harvesting. Existing decentralised Web-based ecosystems, such as Solid, aim to combat personal data exploitation on the Web by enabling individuals to manage their data in the personal data store of their choice. Since personal data in these decentralised ecosystems are distributed across many sources, there is a need for techniques to support efficient privacy-preserving query execution over personal data stores. Towards this end, in this position paper we present a framework for efficient privacy preserving federated querying, and highlight open research challenges and opportunities. The overarching goal being to provide a means to position future research into privacy-preserving querying within decentralised environments

Application-agnostic Personal Storage for Linked Data

Personaalsete andmete ristkasutuse puudumine veebirakenduste vahel on viinud olukorrani, kus kasutajate identiteet ja andmed on hajutatud eri teenusepakkujate vahel. Sellest tulenevalt on suuremad teenusepakkujad, kel on rohkem teenuseid ja kasutajaid,\n\rväiksematega võrreldes eelisseisus kasutajate andmete pealt lisandväärtuse, sh analüütika, pakkumise seisukohast. Lisaks on sellisel andmete eraldamisel negatiivne mõju lõppkasutajatele, kellel on vaja sarnaseid andmeid korduvalt esitada või uuendada eri teenusepakkujate juures vaid selleks, et kasutada teenust maksimaalselt. Käesolevas töös kirjeldatakse personaalse andmeruumi disaini ja realisatsiooni, mis lihtsustab andmete jagamist rakenduste vahel. Lahenduses kasutatakse AppScale\n\rrakendusemootori identiteedi infrastruktuuri, millele lisatakse personaalse andmeruumi teenus, millele ligipääsu saab hallata kasutaja ise. Andmeruumi kasutatavus eri kasutuslugude jaoks tagatakse läbi linkandmete põhimõtete rakendamise.Recent advances in cloud-based applications and services have led to the continuous replacement of traditional desktop applications with corresponding SaaS solutions. These cloud applications are provided by different service providers, and typically manage identity and personal data, such as user’s contact details, of its users by its own means.\n\rAs a result, the identities and personal data of users have been spread over different applications and servers, each capturing a partial snapshot of user data at certain time moment. This, however, has made maintenance of personal data for service providers difficult and resource-consuming. Furthermore, such kind of data segregation has the overall negative effect on the user experience of end-users who need to repeatedly re-enter and maintain in parallel the same data to gain the maximum benefit out of their applications. Finally, from an integration point of view – sealing of user data has led to the adoption of point-to-point integration models between service providers, which limits the evolution of application ecosystems compared to the models with content aggregators and brokers.\n\rIn this thesis, we will develop an application-agnostic personal storage, which allows sharing user data among applications. This will be achieved by extending AppScale app store identity infrastructure with a personal data storage, which can be easily accessed by any application in the cloud and it will be under the control of a user. Usability of data is leveraged via adoption of linked data principles

Engineering a semantic web trust infrastructure

The ability to judge the trustworthiness of information is an important and challenging problem in the field of Semantic Web research. In this thesis, we take an end-to-end look at the challenges posed by trust on the Semantic Web, and present contributions in three areas: a Semantic Web identity vocabulary, a system for bootstrapping trust environments, and a framework for trust aware information management. Typically Semantic Web agents, which consume and produce information, are not described with sufficient information to permit those interacting with them to make good judgements of trustworthiness. A descriptive vocabulary for agent identity is required to enable effective inter agent discourse, and the growth of trust and reputation within the Semantic Web; we therefore present such a foundational identity ontology for describing web-based agents.It is anticipated that the Semantic Web will suffer from a trust network bootstrapping problem. In this thesis, we propose a novel approach which harnesses open data to bootstrap trust in new trust environments. This approach brings together public records published by a range of trusted institutions in order to encourage trust in identities within new environments. Information integrity and provenance are both critical prerequisites for well-founded judgements of information trustworthiness. We propose a modification to the RDF Named Graph data model in order to address serious representational limitations with the named graph proposal, which affect the ability to cleanly represent claims and provenance records. Next, we propose a novel graph based approach for recording the provenance of derived information. This approach offers computational and memory savings while maintaining the ability to answer graph-level provenance questions. In addition, it allows new optimisations such as strategies to avoid needless repeat computation, and a delta-based storage strategy which avoids data duplication.<br/

Developing a RDF4J frontend

Dissertação de mestrado integrado em Engenharia InformáticaA few years ago, data was not shared and kept isolated, preventing communication between datasets. Currently, we have more significant data volumes, and in a world where everything is connected, our data is now also following this trend. Data model focus changed from a square structure like the relational model to a model centered on the relations. Knowledge graphs are the new paradigm to represent and manage this new kind of information structure. Along with the new paradigm, graph databases emerged to support the new requirements. Despite the increasing interest in the field, only a few native solutions are available. Most are under a commercial license, and the open-source options have very basic or outdated interfaces, and because of that, they are a little distant for most end-users. In this thesis, we introduce the Open Web Ontobud and discuss its design and develop ment. Ontobud is a Web Application aimed at improving the interface for one of the most fascinating and influential frameworks in this area: RDF4J. RDF4J is a Java framework to deal with RDF triple storage, management, and query. Open Web Ontobud is an open-source RDF4J web frontend created to reduce the gap between end-users and the RDF4J backend. We created a web interface that enables users with a basic knowledge of OWL and SPARQL to explore ontologies via resource tables or graphs and extract information from them with SPARQL queries. The interface aims to remain intuitive, providing tooltips and help when needed, as well as some statistical data in a readily available form. Despite the frontend being the main focus, a backend and two databases are also used for a total of four components in the framework. For the best deployment experience, Docker was used for its simplicity, allowing deployment in just a few commands. Each component has a dedicated image, following a modular design and allowing them to be executed on separate machines if desired.No passado, dados não era partilhada e permanecia isolada, impedindo comunicação entre datasets. Atualmente, temos maiores volumes de dados e num mundo onde tudo está interligado, os nossos dados também seguem essa tendência. O foco de modelo de dados alterou de uma estrutura quadrada, como o modelo relacional, para um modelo centrado em relações. Grafos de Conhecimento são o novo paradigma para a representação e manipulação desta nova estrutura de dados. Com o novo paradigma, bases de dados de grafos emergiram para suportar as novas necessidades. Apesar do aumento de interesse neste campo, apenas algumas soluções nativas estão disponíveis. A maioria requere uma licença comercial, e as opções open-source são interfaces básicas ou desatualizadas, e por consequência, distantes a muitos utilizadores. Nesta tese introduzimos o Open Web Ontobud e discutimos o seu design e desenvolvi mento. O Ontobud é uma aplicação Web direcionada ao melhoramento da interface de uma das mais fascinantes e influentes frameworks nesta área: o RDF4J. O RDF4J é uma framework em Java para guardar, manipular e inquirir grafos RDF. Open Web Ontobud é um open-source web frontend para o RDF4J criado para diminuir a separação entre os utilizadores e o RDF4J backend. Nós criamos uma interface web que permite utilizadores com conhecimento básico de OWL e SPARQL explorar ontologias através de tabelas de recursos ou grafos, e inquirir informação com queries SPARQL. O objetivo da interface é ser intuitiva, com tooltips e ajuda quando necessário, bem como alguma informação de estatísticas numa forma facilmente acessível. Apesar do frontend ser o foco principal, o backend e duas bases de dados também são utilizadas, para um total de quatro componentes nesta framework. Para a melhor experiência de inicialização utilizamos Docker pela sua simplicidade, permitindo inicialização em poucos comandos. Cada componente tem uma imagem dedicada, seguindo um design modular e permitindo cada componente ser executada em máquinas separadas se necessário