1,842 research outputs found
Semantic Enforcement of Privacy Protection Policies via the Combination of Ontologies and Rules
We propose that the semantic formal model for P3P and EPAL-based privacy protection policies can be enforced and expressed as a variety of ontologies and rules (ontolo-gies+rules) combinations, such as DLP, SWRL, AL-log, DL-log, DL+log, and MKNF, etc. Based on P3P and EPALâ
Semantic-based policy engineering for autonomic systems
This paper presents some important directions in the use of ontology-based semantics in achieving the vision of Autonomic Communications. We examine the requirements of Autonomic Communication with a focus on the demanding needs of ubiquitous computing environments, with an emphasis on the requirements shared with Autonomic Computing. We observe that ontologies provide a strong mechanism for addressing the heterogeneity in user task requirements, managed resources, services and context. We then present two complimentary approaches that exploit ontology-based knowledge in support of autonomic communications: service-oriented models for policy engineering and dynamic semantic queries using content-based networks. The paper concludes with a discussion of the major research challenges such approaches raise
Understanding Web 3.0 - the Semantic Web : how the evolution to a third generation of the Web will impact upon the Internet and media environment within a global and South African context
Includes bibliographical references (leaves 158-174).This thesis examines the potential evolution of the current version of the Internet, popularly referred to as Web 2.0, to a third generation of the Web, referred to as the Semantic Web or Web 3.0. The paper provides an overview of the change in architecture and structure that the current version of the Web will need to undergo in the form of a standardised ontology development in order for the Web to evolve. The evolution to a third generation of the Web will ultimately improve the overall user experience both within a global and South African online context, through the innovation and development of Semantic Web technologies and capabilities. The thesis also discusses the role of the political economy of media and how this concept needs to be refreshed in terms of dealing with the advent of 'new' or digital media which are characterised by the Internet. The role of traditional media is also discussed and how, due to the advent of the Internet, there has been a movement away from a model of traditional centralised media to one of a more decentralised model. The challenges of intellectual property rights and copyright are analysed in terms of online users developing their own content online in the form of user generated content and how, through the evolution to a Web 3.0 version of the Internet, these challenges can be potentially solved through the use of Semantic Web innovation and technologies. One of the major challenges which Web 2.0 currently faces is that of privacy infringement, but through the adoption of Semantic Web technology these challenges which currently affect all users on the Web can potentially be solved. Finally, the paper looks at the way that South African online users interact with the Internet and how the potential evolution to a third generation of the Web could potentially impact their user behaviour online
The POLIPO Security Framework
Systems of systems are dynamic coalitions of distributed, autonomous and heterogeneous systems that collaborate to achieve a common goal. While offering several advantages in terms of scalability and flexibility, the systems of systems paradigm has a significant impact on systems interoperability and on the security requirements of the collaborating systems. In this chapter we introduce POLIPO, a security framework that protects the information exchanged among the systems in a system of systems, while preserving systemsâ autonomy and interoperability. Information is protected from unauthorized access and improper modification by combining context-aware access control with trust management. Autonomy and interoperability are enabled by the use of ontology-based services. More precisely, each authority may refer to different ontologies to define the semantics of the terms used in the security policy of the system it governs and to describe domain knowledge and context information. A semantic alignment technique is then employed to map concepts from different ontologies and align the systemsâ vocabularies. We demonstrate the applicability of our solution with a prototype implementation of the framework for a scenario in the maritime safety and security domain
Features for Killer Apps from a Semantic Web Perspective
There are certain features that that distinguish killer apps from other ordinary applications. This chapter examines those features in the context of the semantic web, in the hope that a better understanding of the characteristics of killer apps might encourage their consideration when developing semantic web applications. Killer apps are highly tranformative technologies that create new e-commerce venues and widespread patterns of behaviour. Information technology, generally, and the Web, in particular, have benefited from killer apps to create new networks of users and increase its value. The semantic web community on the other hand is still awaiting a killer app that proves the superiority of its technologies. The authors hope that this chapter will help to highlight some of the common ingredients of killer apps in e-commerce, and discuss how such applications might emerge in the semantic web
Ontology-based Access Control in Open Scenarios: Applications to Social Networks and the Cloud
La integraciĂł d'Internet a la societat actual ha fet possible compartir fĂ cilment grans quantitats d'informaciĂł electrĂČnica i recursos informĂ tics (que inclouen maquinari, serveis informĂ tics, etc.) en entorns distribuĂŻts oberts. Aquests entorns serveixen de plataforma comuna per a usuaris heterogenis (per exemple, empreses, individus, etc.) on es proporciona allotjament d'aplicacions i sistemes d'usuari personalitzades; i on s'ofereix un accĂ©s als recursos compartits des de qualsevol lloc i amb menys esforços administratius. El resultat Ă©s un entorn que permet a individus i empreses augmentar significativament la seva productivitat.
Com ja s'ha dit, l'intercanvi de recursos en entorns oberts proporciona importants avantatges per als diferents usuaris, perĂČ, tambĂ© augmenta significativament les amenaces a la seva privacitat. Les dades electrĂČniques compartides poden ser explotades per tercers (per exemple, entitats conegudes com "Data Brokers"). MĂ©s concretament, aquestes organitzacions poden agregar la informaciĂł compartida i inferir certes caracterĂstiques personals sensibles dels usuaris, la qual cosa pot afectar la seva privacitat.
Una manera de del.liar aquest problema consisteix a controlar l'accés dels usuaris als recursos potencialment sensibles. En concret, la gestió de control d'accés regula l'accés als recursos compartits d'acord amb les credencials dels usuaris, el tipus de recurs i les preferÚncies de privacitat dels propietaris dels recursos/dades.
La gestiĂł eficient de control d'accĂ©s Ă©s crucial en entorns grans i dinĂ mics. D'altra banda, per tal de proposar una soluciĂł viable i escalable, cal eliminar la gestiĂł manual de regles i restriccions (en la qual, la majoria de les solucions disponibles depenen), atĂšs que aquesta constitueix una pesada cĂ rrega per a usuaris i administradors . Finalment, la gestiĂł del control d'accĂ©s ha de ser intuĂŻtiu per als usuaris finals, que en general no tenen grans coneixements tĂšcnics.La integraciĂłn de Internet en la sociedad actual ha hecho posible compartir fĂĄcilmente grandes cantidades de informaciĂłn electrĂłnica y recursos informĂĄticos (que incluyen hardware, servicios informĂĄticos, etc.) en entornos distribuidos abiertos. Estos entornos sirven de plataforma comĂșn para usuarios heterogĂ©neos (por ejemplo, empresas, individuos, etc.) donde se proporciona alojamiento de aplicaciones y sistemas de usuario personalizadas; y donde se ofrece un acceso ubicuo y con menos esfuerzos administrativos a los recursos compartidos. El resultado es un entorno que permite a individuos y empresas aumentar significativamente su productividad.
Como ya se ha dicho, el intercambio de recursos en entornos abiertos proporciona importantes ventajas para los distintos usuarios, no obstante, tambiĂ©n aumenta significativamente las amenazas a su privacidad. Los datos electrĂłnicos compartidos pueden ser explotados por terceros (por ejemplo, entidades conocidas como âData Brokersâ). MĂĄs concretamente, estas organizaciones pueden agregar la informaciĂłn compartida e inferir ciertas caracterĂsticas personales sensibles de los usuarios, lo cual puede afectar a su privacidad.
Una manera de paliar este problema consiste en controlar el acceso de los usuarios a los recursos potencialmente sensibles. En concreto, la gestiĂłn de control de acceso regula el acceso a los recursos compartidos de acuerdo con las credenciales de los usuarios, el tipo de recurso y las preferencias de privacidad de los propietarios de los recursos/datos.
La gestiĂłn eficiente de control de acceso es crucial en entornos grandes y dinĂĄmicos. Por otra parte, con el fin de proponer una soluciĂłn viable y escalable, es necesario eliminar la gestiĂłn manual de reglas y restricciones (en la cual, la mayorĂa de las soluciones disponibles dependen), dado que Ă©sta constituye una pesada carga para usuarios y administradores. Por Ășltimo, la gestiĂłn del control de acceso debe ser intuitivo para los usuarios finales, que por lo general carecen de grandes conocimientos tĂ©cnicos.Thanks to the advent of the Internet, it is now possible to easily share vast amounts of electronic information and computer resources (which include hardware, computer services, etc.) in open distributed environments. These environments serve as a common platform for heterogeneous users (e.g., corporate, individuals etc.) by hosting customized user applications and systems, providing ubiquitous access to the shared resources and requiring less administrative efforts; as a result, they enable users and companies to increase their productivity.
Unfortunately, sharing of resources in open environments has significantly increased the privacy threats to the users. Indeed, shared electronic data may be exploited by third parties, such as Data Brokers, which may aggregate, infer and redistribute (sensitive) personal features, thus potentially impairing the privacy of the individuals.
A way to palliate this problem consists on controlling the access of users over the potentially sensitive resources. Specifically, access control management regulates the access to the shared resources according to the credentials of the users, the type of resource and the privacy preferences of the resource/data owners.
The efficient management of access control is crucial in large and dynamic environments such as the ones described above. Moreover, in order to propose a feasible and scalable solution, we need to get rid of manual management of rules/constraints (in which most available solutions rely) that constitutes a serious burden for the users and the administrators. Finally, access control management should be intuitive for the end users, who usually lack technical expertise, and they may find access control mechanism more difficult to understand and rigid to apply due to its complex configuration settings
An Approach for Managing Access to Personal Information Using Ontology-Based Chains
The importance of electronic healthcare has caused numerous
changes in both substantive and procedural aspects of healthcare
processes. These changes have produced new challenges to patient
privacy and information secrecy. Traditional privacy policies cannot
respond to rapidly increased privacy needs of patients in electronic
healthcare. Technically enforceable privacy policies are needed in
order to protect patient privacy in modern healthcare with its cross
organisational information sharing and decision making.
This thesis proposes a personal information flow model that specifies
a limited number of acts on this type of information. Ontology
classified Chains of these acts can be used instead of the
"intended/business purposes" used in privacy access control to
seamlessly imbuing current healthcare applications and their
supporting infrastructure with security and privacy functionality. In
this thesis, we first introduce an integrated basic architecture, design
principles, and implementation techniques for privacy-preserving
data mining systems. We then discuss the key methods of privacypreserving
data mining systems which include four main methods:
Role based access control (RBAC), Hippocratic database, Chain
method and eXtensible Access Control Markup Language (XACML).
We found out that the traditional methods suffer from two main
problems: complexity of privacy policy design and the lack of context
flexibility that is needed while working in critical situations such as the
one we find in hospitals. We present and compare strategies for
realising these methods. Theoretical analysis and experimental
evaluation show that our new method can generate accurate data
mining models and safe data access management while protecting
the privacy of the data being mined. The experiments followed
comparative kind of experiments, to show the ease of the design first
and then follow real scenarios to show the context flexibility in saving
personal information privacy of our investigated method
- âŠ