Link Before You Share: Managing Privacy Policies through Blockchain

With the advent of numerous online content providers, utilities and applications, each with their own specific version of privacy policies and its associated overhead, it is becoming increasingly difficult for concerned users to manage and track the confidential information that they share with the providers. Users consent to providers to gather and share their Personally Identifiable Information (PII). We have developed a novel framework to automatically track details about how a users' PII data is stored, used and shared by the provider. We have integrated our Data Privacy ontology with the properties of blockchain, to develop an automated access control and audit mechanism that enforces users' data privacy policies when sharing their data across third parties. We have also validated this framework by implementing a working system LinkShare. In this paper, we describe our framework on detail along with the LinkShare system. Our approach can be adopted by Big Data users to automatically apply their privacy policy on data operations and track the flow of that data across various stakeholders.Comment: 10 pages, 6 figures, Published in: 4th International Workshop on Privacy and Security of Big Data (PSBD 2017) in conjunction with 2017 IEEE International Conference on Big Data (IEEE BigData 2017) December 14, 2017, Boston, MA, US

Towards a Semantic-based Approach for Modeling Regulatory Documents in Building Industry

Regulations in the Building Industry are becoming increasingly complex and involve more than one technical area. They cover products, components and project implementation. They also play an important role to ensure the quality of a building, and to minimize its environmental impact. In this paper, we are particularly interested in the modeling of the regulatory constraints derived from the Technical Guides issued by CSTB and used to validate Technical Assessments. We first describe our approach for modeling regulatory constraints in the SBVR language, and formalizing them in the SPARQL language. Second, we describe how we model the processes of compliance checking described in the CSTB Technical Guides. Third, we show how we implement these processes to assist industrials in drafting Technical Documents in order to acquire a Technical Assessment; a compliance report is automatically generated to explain the compliance or noncompliance of this Technical Documents

Unlocking the potential of public sector information with Semantic Web technology

Governments often hold very rich data and whilst much of this information is published and available for re-use by others, it is often trapped by poor data structures, locked up in legacy data formats or in fragmented databases. One of the great benefits that Semantic Web (SW) technology offers is facilitating the large scale integration and sharing of distributed data sources. At the heart of information policy in the UK, the Office of Public Sector Information (OPSI) is the part of the UK government charged with enabling the greater re-use of public sector information. This paper describes the actions, findings, and lessons learnt from a pilot study, involving several parts of government and the public sector. The aim was to show to government how they can adopt SW technology for the dissemination, sharing and use of its data

Towards personalization in digital libraries through ontologies

In this paper we describe a browsing and searching personalization system for digital libraries based on the use of ontologies for describing the relationships between all the elements which take part in a digital library scenario of use. The main goal of this project is to help the users of a digital library to improve their experience of use by means of two complementary strategies: first, by maintaining a complete history record of his or her browsing and searching activities, which is part of a navigational user profile which includes preferences and all the aspects related to community involvement; and second, by reusing all the knowledge which has been extracted from previous usage from other users with similar profiles. This can be accomplished in terms of narrowing and focusing the search results and browsing options through the use of a recommendation system which organizes such results in the most appropriate manner, using ontologies and concepts drawn from the semantic web field. The complete integration of the experience of use of a digital library in the learning process is also pursued. Both the usage and information organization can be also exploited to extract useful knowledge from the way users interact with a digital library, knowledge that can be used to improve several design aspects of the library, ranging from internal organization aspects to human factors and user interfaces. Although this project is still on an early development stage, it is possible to identify all the desired functionalities and requirements that are necessary to fully integrate the use of a digital library in an e-learning environment

Pattern-driven security, privacy, dependability and interoperability management of iot environments

Achieving Security, Privacy, Dependability and Interoperability (SPDI) is of paramount importance for the ubiquitous deployment and impact maximization of Internet of Things (IoT) applications. Nevertheless, said requirements are not only difficult to achieve at system initialization, but also hard to prove and maintain at run-time. This paper highlights an approach to tackling the above challenges, through the definition of pattern language and a framework that can guarantee SPDI in IoT orchestrations. By integrating pattern reasoning engines at the various layers of the IoT infrastructure, and a machine-processable representation of said pattern through Drools rules, the proposed framework can provide ways to fulfill SPDI requirements at design time, and also provide the means to guarantee those SPDI properties and manage the orchestrations accordingly. Moreover, an application example of the framework is presented in an Industrial IoT monitoring environment

Secure data sharing and processing in heterogeneous clouds

The extensive cloud adoption among the European Public Sector Players empowered them to own and operate a range of cloud infrastructures. These deployments vary both in the size and capabilities, as well as in the range of employed technologies and processes. The public sector, however, lacks the necessary technology to enable effective, interoperable and secure integration of a multitude of its computing clouds and services. In this work we focus on the federation of private clouds and the approaches that enable secure data sharing and processing among the collaborating infrastructures and services of public entities. We investigate the aspects of access control, data and security policy languages, as well as cryptographic approaches that enable fine-grained security and data processing in semi-trusted environments. We identify the main challenges and frame the future work that serve as an enabler of interoperability among heterogeneous infrastructures and services. Our goal is to enable both security and legal conformance as well as to facilitate transparency, privacy and effectivity of private cloud federations for the public sector needs. © 2015 The Authors