Presentation at the Heterogeneous Recommendation Workshop at the ACM Recommender Systems Conference 2010.
Providing relevant recommendations requires access to user profile data. Current social networking ecosystems allow third party services to request user authorisation for accessing profile data, thus enabling cross-domain recommendation. However these ecosystems create user lock-in and social networking data silos, as the profile data is neither portable nor interoperable. We argue that innovations in reconciling heterogeneous data sources must be also be matched by innovations in architecture design and recommender methodology. We present and qualitatively evaluate an architecture for privacy-enabled user profile portability, which is based on technologies from the emerging Web of Data (FOAF, WebIDs and the Web Access Control vocabulary). The proposed architecture enables the creation of a universal “private by default” ecosystem with interoperability of user profile data. The privacy of the user is protected by allowing multiple data providers to host their part of the user profile. This provides an incentive for more users to make profile data from different domains available for recommendations.
Powerful Google developer tools for immediate impact! (2023-24 C)
An architecture for privacy-enabled user profile portability on the Web of Data
1. Digital Enterprise Research Institute www.deri.ie
An architecture for privacy-enabled user profile
portability on the Web of Data
Benjamin Heitmann, James G. Kim,
Alexandre Passant, Conor Hayes, Hong-Gee Kim
Funded by Science Foundation Ireland under
Grant No. SFI/08/CE/I1380 (Líon-2)
Copyright 2009 Digital Enterprise Research Institute. All rights reserved.
Chapter
2. Motivation
Digital Enterprise Research Institute www.deri.ie
Rec. Systems can
benefit from external
data sources:
e.g. for cold-start
problem
?
New paradigm shifts
require external data:
beyond single site
context
data
recommendations
beyond single domain
sharing
Challenge: sharing of
profile data
Maintain privacy of
user (“public by
default” is not enough)
Benjamin.Heitmann
slide 2 of 11
@deri.org
3. Outline
Digital Enterprise Research Institute www.deri.ie
The challenge: portable and private user profiles
Background: Introducing Linked Data
An architecture to enable portable and private
user profiles
Foundation standards
Roles
Communication pattern
Qualitative evaluation
Related work
Benjamin.Heitmann
slide 3 of 11
@deri.org
4. The challenge:
portable and private user profiles
Digital Enterprise Research Institute www.deri.ie
Current eco-systems:
hub site: centralised
express user profile storage
preference
authentication e.g. Facebook, Twitter
for user action users profiles: secure
and private, but no
web site
interaction portability.
third party services: can
cross domain
data sharing access user profile if
if authorised authorised, e.g.
by user TweetMeme or Flickr
closed system
Users are locked into an
ecosystem, no portability
Challenge: open
recommendations for alternative with portability
external site provided by and privacy!
facebook
(at the same time)
Benjamin.Heitmann
slide 4 of 11
@deri.org
5. Background:
The Web of Data and Linked Data
Digital Enterprise Research Institute www.deri.ie
the Web of Data provides:
structured data, collaboratively
created, about object centred
sociality
domain knowledge through
ontologies (e.g. DBpedia ontology)
cross-domain links between
sources
Linked Data principles:
1. use URIs “for everything”
2. allow HTTP access to all URIs
3. when accessing a URI, provide
relevant data in RDF
4. include links to URIs from third Linking Open Data (LOD) cloud,
as of October 2010
parties (background knowledge)
Benjamin.Heitmann
slide 5 of 11
@deri.org
6. Foundation standards
Digital Enterprise Research Institute www.deri.ie
no logo
WebIDs: WebAccess FOAF profiles:
user Control (WAC) domain
authentication vocabulary: independent user
without passwords profiles
resource access
publish public key authorisation described using
in FOAF profile the Friend-of-a-
defines whitelist
store private key in Friend (FOAF)
for a resource
browser vocabulary
access by third
decentralised parties can contain any
authentication structured data,
can be used for
schema e.g. activity streams
“private by default”
mode
Benjamin.Heitmann
slide 6 of 11
@deri.org
7. Alternative: architecture for private and
portable user profiles
Digital Enterprise Research Institute www.deri.ie
User profile:
Profile data expressed WebID
using RDF (FOAF+SIOC)
WebID provides identity
private key public key
(2 parts)
– private SSL Key in user
agent
– public SSL Key in FOAF user agent
FOAF Profile
profile
Roles: stored
user agents: manage user in
identities
profile storage service:
retrieves user profile
stores 1 or many profiles if user authorises it profile storage site
data consumer
data consumers: provide
services for users
Benjamin.Heitmann
slide 7 of 11
@deri.org
8. Communication pattern of the proposed
architecture
Digital Enterprise Research Institute www.deri.ie
WebID
private key public key
Storage URI
user agent
FOAF Profile
stored
in
profile storage site
Benjamin.Heitmann
slide 8 of 11
@deri.org
9. Communication pattern of the proposed
architecture
Digital Enterprise Research Institute www.deri.ie
Scenario: recommend patients
with similar treatments WebID
Assumption: user is logged into
Openbook
private key public key
Storage URI
user agent
FOAF Profile
stored
in
profile storage site
Benjamin.Heitmann
slide 8 of 11
@deri.org
10. Communication pattern of the proposed
architecture
Digital Enterprise Research Institute www.deri.ie
Scenario: recommend patients
with similar treatments WebID
Assumption: user is logged into
Openbook
private key public key
1. User searches for PatiensLikeMe Storage URI
user agent
FOAF Profile
Any patients stored
like me? in
profile storage site
data consumer
Benjamin.Heitmann
slide 8 of 11
@deri.org
11. Communication pattern of the proposed
architecture
Digital Enterprise Research Institute www.deri.ie
Scenario: recommend patients
with similar treatments WebID
Assumption: user is logged into
Openbook
private key public key
1. User searches for PatiensLikeMe Storage URI
2. PatientsLikeMe (PLM) gets
profile storage URI via Firefox
user agent
FOAF Profile
Firefox stored
provides in
storage URI
profile storage site
data consumer
Benjamin.Heitmann
slide 8 of 11
@deri.org
12. Communication pattern of the proposed
architecture
Digital Enterprise Research Institute www.deri.ie
Scenario: recommend patients
with similar treatments WebID
Assumption: user is logged into
Openbook
private key public key
1. User searches for PatiensLikeMe Storage URI
2. PatientsLikeMe (PLM) gets
profile storage URI via Firefox
user agent
3. PLM redirects Firefox to FOAF Profile
Openbook for authorisation
redirect to stored
openbook in
for authorisation
profile storage site
data consumer
Benjamin.Heitmann
slide 8 of 11
@deri.org
13. Communication pattern of the proposed
architecture
Digital Enterprise Research Institute www.deri.ie
Scenario: recommend patients
with similar treatments WebID
Assumption: user is logged into
Openbook
private key public key
1. User searches for PatiensLikeMe Storage URI
2. PatientsLikeMe (PLM) gets
profile storage URI via Firefox
user agent
3. PLM redirects Firefox to FOAF Profile
Openbook for authorisation User authorises stored
4. User authorises Openbook to Openbook to in
show parts of
show some profile parts to PLM profile to PLM
(new WAC entry gets created)
profile storage site
data consumer
Benjamin.Heitmann
slide 8 of 11
@deri.org
14. Communication pattern of the proposed
architecture
Digital Enterprise Research Institute www.deri.ie
Scenario: recommend patients
with similar treatments WebID
Assumption: user is logged into
Openbook
private key public key
1. User searches for PatiensLikeMe Storage URI
2. PatientsLikeMe (PLM) gets
profile storage URI via Firefox
user agent
3. PLM redirects Firefox to FOAF Profile
Openbook for authorisation
stored
4. User authorises Openbook to in
show some profile parts to PLM
(new WAC entry gets created)
5.Openbook redirects to PLM
redirect back to profile storage site
PatientsLikeMe
data consumer
Benjamin.Heitmann
slide 8 of 11
@deri.org
15. Communication pattern of the proposed
architecture
Digital Enterprise Research Institute www.deri.ie
Scenario: recommend patients
with similar treatments WebID
Assumption: user is logged into
Openbook
private key public key
1. User searches for PatiensLikeMe Storage URI
2. PatientsLikeMe (PLM) gets
profile storage URI via Firefox
user agent
3. PLM redirects Firefox to FOAF Profile
Openbook for authorisation
stored
4. User authorises Openbook to in
show some profile parts to PLM PatientsLikeMe retrieves profile
(new WAC entry gets created) parts now
5.Openbook redirects to PLM
profile storage site
6.Now PLM accesses parts of
profile data on openbook data consumer
Benjamin.Heitmann
slide 8 of 11
@deri.org
16. Qualitative evaluation
Digital Enterprise Research Institute www.deri.ie
Based on evaluation framework for privacy enhanced
technologies by Wang+Kobsa [20,15]
Protection of identity:
user can create and choose identities without constraints
allows pseudonymity, unobservability, deniability, anonymity
alternatively identities can be assigned by organisations
Control over user data:
profile data can be optionally self-hosted
open standards allow portability, no lock-in to any ecosystem
Non-functional requirements:
Universality: one universal, standards based eco-system
Scalability: no bottlenecks or central points of failure
Reuse of infrastructure: standards from WWW and Web of Data
are reused
Benjamin.Heitmann
slide 9 of 11
@deri.org
17. Related work (“the competition”)
Digital Enterprise Research Institute www.deri.ie
no logo
OpenID: OAuth: OpenID attribute
user authentication resource access exchange:
without passwords authorisation protocol for
1 billion accounts, 9 defines protocol for exchanging profile
million sites 3rd parties to access data
requires user resources very limited
interaction manages access via vocabulary
not scalable, due to tokens inflexible and hard to
number of HTTP high HTTP extend
connections required connection overhead has not reached
fragmentation industry adoption
(Twitter vs Facebook)
Benjamin.Heitmann
slide 10 of 11
@deri.org
18. Summary
Digital Enterprise Research Institute www.deri.ie
coming paradigm shifts towards
social eco-systems:
recommendations in a multi-site and cross-domain context
current eco-systems are built around centralised
and closed hub sites
alternative: eco-systems centred around secure
and portable user profiles (“private by default”)
foundation: WebIDs and FOAF profiles
provides incentives for users to share their profile data
can enable a universal, decentralised social eco-system
Future work: implement and evaluate prototype
with all parties in a cross-domain setting
Benjamin.Heitmann
slide 11 of 11
@deri.org