A novel approach to controlled query evaluation in DL-Lite

In Controlled Query Evaluation (CQE) confidential data are protected through a declarative policy and a (optimal) censor, which guarantees that answers to queries are maximized without disclosing secrets. In this paper we consider CQE over Description Logic ontologies and study query answering over all optimal censors. We establish data complexity of the problem for ontologies specified in DL-LiteR and for variants of the censor language, which is the language used by the censor to enforce the policy. In our investigation we also analyze the relationship between CQE and the problem of Consistent Query Answering

CHORUS Deliverable 2.2: Second report - identification of multi-disciplinary key issues for gap analysis toward EU multimedia search engines roadmap

After addressing the state-of-the-art during the first year of Chorus and establishing the existing landscape in multimedia search engines, we have identified and analyzed gaps within European research effort during our second year. In this period we focused on three directions, notably technological issues, user-centred issues and use-cases and socio- economic and legal aspects. These were assessed by two central studies: firstly, a concerted vision of functional breakdown of generic multimedia search engine, and secondly, a representative use-cases descriptions with the related discussion on requirement for technological challenges. Both studies have been carried out in cooperation and consultation with the community at large through EC concertation meetings (multimedia search engines cluster), several meetings with our Think-Tank, presentations in international conferences, and surveys addressed to EU projects coordinators as well as National initiatives coordinators. Based on the obtained feedback we identified two types of gaps, namely core technological gaps that involve research challenges, and “enablers”, which are not necessarily technical research challenges, but have impact on innovation progress. New socio-economic trends are presented as well as emerging legal challenges

Toward Secure Services from Untrusted Developers

We present a secure service prototype built from untrusted,contributed code.The service manages private data for a variety of different users, anduser programs frequently require access to other users' private data.However, aside from covert timing channels, no part of the service cancorrupt private data or leak it between users or outside the systemwithout permission from the data's owners.Instead, owners may choose to reveal their data in a controlled manner.This application model is demonstrated by Muenster, a job searchwebsite that protects both the integrity and secrecy of each user's data.In spite of running untrusted code, Muenster and other services canprevent overt leaks because the untrusted modules are constrained bythe operating system to follow pre-specified security policies, whichare nevertheless flexible enough for programmers to do useful work.We build Muenster atop Asbestos, a recently described operating systembased on a form of decentralized information flowcontrol