Secrecy-preserving Query Answering for Instance Checking in EL

We consider the problem of answering queries against a knowledge base (KB) using secrets, whenever it is possible to do so without compromising secrets. We study query answering against EL knowledge bases. We provide a polynomial time algorithm that, given an EL KB Sigma, a set S of secrets to be protected and a query q or the form C(a) or r(a,b), outputs ``Yes\u27\u27 whenever Sigma entails q and the answer to q, together with the answers to any previous queries answered by the KB, does not allow the querying agent to deduce any of the secrets in S. This approach allows more flexible information sharing than is possible with traditional access control mechanisms

Secrecy-Preserving Reasoning Over Entailment Systems: Theory and Applications

Privacy, copyright, security and other concerns make it essential for many distributed web applications to support selective sharing of information while, at the same time, protecting sensitive knowledge. Secrecypreserving reasoning refers to the answering of queries against a knowledge base involving inference that uses sensitive knowledge without revealing it. We present a general framework for secrecy-preserving reasoning over arbitrary entailment systems. This framework enables reasoning with hierarchical ontologies, propositional logic knowledge bases (over arbitrary logics) and RDFS knowledge bases containing sensitive information that needs to be protected. We provide an algorithm that, given a knowledge base over an effectively enumerable entailment system, and a secrecy set over it, defines a maximally informative secrecypreserving reasoner. Secrecy-preserving mappings between knowledge bases that allow reusing reasoners across knowledge bases are introduced

Topics in Knowledge Bases: Epistemic Ontologies and Secrecy-preserving Reasoning

Applications of ontologies/knowledge bases (KBs) in many domains (healthcare, national security, intelligence) have become increasingly important. In this dissertation, we focus on developing techniques for answering queries posed to KBs under the open world assumption (OWA). In the first part of this dissertation, we study the problem of query answering in KBs that contain epistemic information, i.e., knowledge of different experts. We study ALCKm, which extends the description logic ALC by adding modal operators of the basic multi-modal logic Km. We develop a sound and complete tableau algorithm for answering ALCKm queries w.r.t. an ALCKm knowledge base with an acyclic TBox. We then consider answering ALCKm queries w.r.t. an ALCKm knowledge base in which the epistemic operators correspond to those of classical multi-modal logic S4m and provide a sound and complete tableau algorithm. Both algorithms can be implemented in PSpace. In the second part, we study problems that allow autonomous entities or organizations (collectively called querying agents) to be able to selectively share information. In this scenario, the KB must make sure its answers are informative but do not disclose sensitive information. Most of the work in this area has focused on access control mechanisms that prohibit access to sensitive information (secrets). However, such an approach can be too restrictive in that it prohibits the use of sensitive information in answering queries against knowledge bases even when it is possible to do so without compromising secrets. We investigate techniques for secrecy-preserving query answering (SPQA) against KBs under the OWA. We consider two scenarios of increasing difficulty: (a) a KB queried by a single agent; and (b) a KB queried by multiple agents where the secrecy policies can differ across the different agents and the agents can selectively communicate the answers that they receive from the KB with each other subject to the applicable answer sharing policies. We consider classes of KBs that are of interest from the standpoint of practical applications (e.g., description logics and Horn KBs). Given a KB and secrets that need to be protected against the querying agent(s), the SPQA problem aims at designing a secrecy-preserving reasoner that answers queries without compromising secrecy under OWA. Whenever truthfully answering a query risks compromising secrets, the reasoner is allowed to hide the answer to the query by feigning ignorance, i.e., answering the query as Unknown . Under the OWA, the querying agent is not able to infer whether an Unknown answer to a query is obtained because of the incomplete information in the KB or because secrecy protection mechanism is being applied. In each scenario, we provide a general framework for the problem. In the single-agent case, we apply the general framework to the description logic EL and provide algorithms for answering queries as informatively as possible without compromising secrecy. In the multiagent case, we extend the general framework for the single-agent case. To model the communication between querying agents, we use a communication graph, a directed acyclic graph (DAG) with self-loops, where each node represents an agent and each edge represents the possibility of information sharing in the direction of the edge. We discuss the relationship between secrecy-preserving reasoners and envelopes (used to protect secrets) and present a special case of the communication graph that helps construct tight envelopes in the sense that removing any information from them will leave some secrets vulnerable. To illustrate our general idea of constructing envelopes, Horn KBs are considered

Secrecy-Preserving Reasoning using Secrecy Envelopes

Inmany applications of networked information systems, the need to share information often has to be balanced against the need to protect secret information from unintended disclosure, e.g., due to copyright, privacy, security, or commercial considerations. We study the problem of secrecy-preserving reasoning, that is, answering queries using secret information, whenever it is possible to do so, without compromising secret information. In the case of a knowledge base that is queried by a single querying agent, we introduce the notion of a secrecy envelope. This is a superset of the secret part of the knowledge base that needs to be concealed from the querying agent in order to ensure that the secret information is not compromised. We establish several important properties of secrecy envelopes and present an algorithm for computing minimal secrecy envelopes. We extend our analysis of secrecy preserving reasoning to the setting where different parts of the knowledge base need to be protected from different querying agents that are subject to certain restrictions on the sharing of answers supplied to them by the knowledge base

Secrecy-preserving reasoning in simple description logic knowledge bases

In this dissertation, we study the problem of secrecy-preserving query answering (SPQA) against knowledge bases (KBs) under the open world assumption (OWA) - the assumption that typical KBs are incomplete. Protection of secret information is a critical requirement for the design of information systems in semantic web applications. Recently, semantic web technolo- gies are widely used in many application domains like healthcare, bioinformatics, intelligence and national security. So, there is a pressing need for developing robust secret protection mech- anisms suitable for ontology-based information systems. In our work, we use a logical approach to enforce secrecy where the domain knowledge is represented in an appropriate description logic (DL). In particular, to protect secret information we take advantage of OWA. Under OWA, a querying agent cannot distinguish whether a query is being protected or it cannot be inferred from the KB. The central idea in our approach to protect the secret information is to build a logical shield called “envelope” around the confidential information and answers queries correctly as much as possible without compromising the secrecy. We have chosen lightweight DL languages like DL-LiteR and ELH for studying SPQA problem with single querying agent in the first half of this dissertation. We have considered DL-LiteR KB with acyclic TBox and the secrecy set containing both assertional queries and Boolean Conjunctive Queries (BCQs). By computing a suitable envelope, we protect the secrets in the secrecy set. We have used Kleenes 3-valued semantics to prove the correctness of the query answering procedure. We have also performed a detailed analysis of computational complexities of various algorithms used in this dissertation. In ELH logic, we define a secrecy set that contains both assertional and general concept inclusion queries. A new strategy has been employed to construct the SPQA system for the given ELH KB. This includes designing efficient query answering algorithms based on recursive decomposition of queries and have shown that the query answering algorithms are sound and complete, thus providing correctness proof. In the second half of this dissertation, we have studied the SPQA problem in ELH♦ (ELH augmented with modal operator ♦). Given a ELH♦ KB and a finite secrecy set, we compute a SPQA system in the form of a tree, called secrecy-preserving tree. In this case the secrecy set contains only assertions. Since the information available in secrecy-preserving tree is not sufficient to answer all the queries, we further augment the query answering procedure with a recursive procedure. The recursive procedure is based on th idea of breaking the query into smaller assertions all the way until the information in the secrecy-preserving tree can be used