Integrity Proofs for RDF Graphs

Representing open datasets with the RDF model is becoming increasingly popular. An important aspect of this data model is that it can utilize the methods of computing cryptographic hashes to verify the integrity of RDF graphs. In this paper, we first develop a number of metrics to compare the state-of-the-art integrity proof methods and then present two new approaches to generate an integrity proof of RDF datasets: (i) semantic-based and (ii) structure-based. The semantic-based approach leverages timestamps (or other inherent notions of ordering) as an indexing key to construct a sorted Merkle tree variation, where timestamps are semantically extractable from the dataset. The structure-based approach utilizes the redundant structure of large RDF datasets to compress the dataset statements prior to generating a variation of a Merkle tree. We provide a theoretical analysis and an experimental evaluation of our two proposed methods. Compared to the Merkle and sorted Merkle tree, the semantic-based approach achieves faster querying performance for large datasets. The structure-based approach is well suited when RDF datasets contain large amounts of semantic redundancies. We also evaluate our methods' resistance to adversarial threats

Accountability by design in technology research

What does research look like in practice? Aside from popular assumptions of how researchers are lonely isolated individuals sitting disconnected from the rest of the world enmeshed in thought, a considerable part of research involves working with data. Whether this data is quantitative, qualitative, gathered through experiments or involves writing code, all of this data is not just magically ‘invented’ out of thin air, but instead develops in a process of interaction with both human beings and technical systems. However only a small fragment of this process is presented to outside reviewers, the outputs and the framing often specifically designed to make a specific point. How the author got there, and which assumptions were made on the way and how these assumptions developed over time is seldom included in the final write-up. The following article argues that rather than just providing output data to be considered in research – or providing explanations for technical outcomes as is frequently proposed in computer science, accountability can only be developed by better understanding the research process. In order to do this, we suggest a series of mechanisms that can be built into existing research practices to make them more intelligible to outside reviewers and scholars. These mechanisms are designed to develop the accountability principle of the GDPR and ensure more accountable scientific research. As the GDPR recitals also explicitly references scientific research, an accountability by design approach to technology research is grounded both in the articles and recitals of the GDPR. By documenting the key elements of a narrative research story which explains not just what you believe to have discovered but also how researchers got there, it may also be possible to create better accountability mechanisms

Segurança de informação para serviços de apoio social

Over the years, more people want their information available digitally, since it is more convenient, economical and faster to access than the physical format. However, there may be consequences in taking this action. How do we prevent certain people from gaining access to more sensitive data, or how do we ensure that there is no unauthorized manipulation of certain information? When developing a program that deals with private data transmissions, these are one of the many concerns of any programmer and should be well thought out and resolved. In this document we will analyze one possible solution for one of the most important components of any platform, the logging/auditing and respective access control, where one presents a technology that is not yet widely present outside its main area of application. The goal is to make it clear that it is feasible to use a technology that has been created for a specific purpose and to apply it in totally different scenarios. The platform that will be used as a basis for applying these ideas and concepts will be an application whose purpose is to assist its users and allowing them to communicate quickly and directly between them and their respective caregivers and that also will handle electronic health records.Cada vez mais, as pessoas querem a sua informação disponível digitalmente, visto que é mais cómodo, económico e rápido aceder do que o formato físico. No entanto, podem existir consequências ao adoptar esta medida. Como prevenimos que certas pessoas não consigam aceder a dados mais sensíveis ou como conseguimos garantir que não houve manipulações não autorizadas sobre certa informação? Ao desenvolver um programa que lida com transmissões de dados privados, estas são umas das várias preocupações de qualquer programador e devem ser bem pensadas e resolvidas. Neste documento iremos analisar uma solução possível para um dos mais importantes componentes de qualquer plataforma, o logging/auditoria e respectivo controlo de acesso, que apresenta uma tecnologia que ainda não se encontra muito presente fora da sua principal área de aplicação. O objetivo é que se dê a entender que é possível usar como base uma tecnologia que foi criada para um propósito específico e aplicá-la em cenários totalmente diferentes. A plataforma que será usada como base para aplicar estas ideias e conceitos será uma aplicação cujo propósito é prestar auxílio aos seus utilizadores e permitir a comunicação rápida e direta entre estes e os seus respetivos cuidadores e que também lidará com registos de saúde electrónicos.Mestrado em Engenharia de Computadores e Telemátic

Modeling and Preserving Greek Government Decisions using Semantic Web Technologies and Permissionless Blockchains

Σε αυτή τη διπλωματική εργασία παρουσιάζουμε έναν ανασχεδιασμό της Διαύγειας, του ελληνικού κυβερνητικού προγράμματος για ανοικτή και διαφανή δημόσια διακυβέρνηση. Μελετάμε τον τρόπο με τον οποίο οι αποφάσεις των δημόσιων φορέων μπορούν να μοντελοποιηθούν χρησιμοποιώντας OWL οντολογίες και εξετάζουμε τον τρόπο με τον οποίο μπορούν να τεθούν SPARQL ερωτήματα πάνω σε αυτές. Με τη χρήση του bitcoin blockchain, αναγκάζουμε τις κυβερνητικές αποφάσεις να παραμείνουν αμετάβλητες. Παρέχουμε μια υλοποίηση ανοικτού λογισμικού, με ονομασία DiavgeiaRedefined, η οποία επιτρέπει τη δημιουργία και την οπτικοποίηση των αποφάσεων σε περιηγητή διαδικτύου, προσφέρει ένα SPARQL τερματικό για τη δημιουργία ερωτημάτων και παρέχει στους πολίτες ένα αυτοματοποιημένο λογισμικό επαλήθευσης ορθότητας των αποφάσεων, ανιχνεύοντας πιθανές ατιμίες ενός κακόβουλου χρήστη. Τέλος, παραθέτουμε πειραματικά αποτέλεσματα, καταλήγοντας ότι οι μηχανισμοί που χρησιμοποιούμε είναι αποτελεσματικοί.We present a re-engineering of Diavgeia, the Greek government portal for open and transparent public administration. We study how decisions of Greek government institutions can be modeled using ontologies expressed in OWL and queried using SPARQL. We also discuss how to use the bitcoin blockchain, to enable government decisions to remain immutable. We provide an open source implementation, called DiavgeiaRedefined, that generates and visualizes the decisions inside a web browser, offers a SPARQL endpoint for retrieving and querying these decisions and provides citizens an automated tool for verifying correctness and detecting possible foul play by an adversary. We conclude with experimental results illustrating that our scheme is efficient and feasible