How to Publish Privately 
October 20, 2014 @ Riva Del Garda, Italy 
Presented at Privacy Online Workshop (PrivOn’2014) 
Collocated with the 13th International Semantic Web Conference (ISWC’2014) 
GECAD – Knowledge Engineering and Decision Support 
Research Group (Polytechnic Institute of Porto – Portugal) 
http://www.gecad.isep.ipp.pt 
Nuno Bettencourt 
http://paginas.isep.ipp.pt/nmb 
nmb@isep.ipp.pt
Outline 
• Background and Overview 
• Objectives 
• Proposal 
• Test bed 
• Related Work 
• Conclusions 
• Future Work 
Background & Overview (i) 
• Web domains 
• Social Networks 
• User Identities 
• Accountability 
• Architecture Overview 
Background & Overview (ii) 
[Figure: user actions (upload, watch, write/read, download, like) with WebID Authentication and Authorisation. FOAF Profile: http://foafserver.com/profiles/johndoe.rdf#me]
Background & Overview (iii) 
[Figure: architecture overview. Labels: HTTP Client; Web Server; Application Server; Enforcement; Decision; Information; Administration; rules; resources; Access Policies; Ask for Access; Access to Resource; Get Resource; Get Resource’s Author Data; Get Access Policies; Get extra Data; Get Resources (WebId); Get User’s Social Network (WebId); Manage Access Control Policies; Resource Author, ownerOf, photo.png.]
Objectives (i) 
• Store a resource in a single place 
• Share a resource for multiple web domains 
• Definition of access policies in a single place 
• A single access policy management system, not only for public resources 
• Corollary 
– User unique identity 
– A hyperlinked Web again… 
Objectives (ii) 
• Based on 
– FOAF Profiles 
– WebID Authentication + Authorization 
– Provenance Ontologies 
– Semantic Rules 
• Triggers 
– User’s uploading of resources 
– User’s sharing of resources 
– …. 
Proposal 
[Figure: the architecture overview diagram, with the same labels as in Background & Overview (iii).]
Distributed Resource Broker 
[Figure: Distributed Resource Broker. Labels: Web Server; PEP; Upload Sensor; Authentication Module; Authorisation Module; Distributed Resource Broker; Web Application 1, Web Application 2, … Web Application n, each with a <uses> relation.]
Upload Workflow 
[Figure: upload workflow. Labels: User; Applicational Web Server; PEP; Web Application; PIP; FOAF Profiles; Distributed Resource Broker; Photo Hosting Server; PEP; Photo Web Application; Resource; photo.png; ownerOf.]
1. Resource Upload 
2. Retrieve Resource Upload Domain 
3. Upload Server URI 
4. Resource Upload 
5. Resource URI 
6. Link to Resource URI 
[Figure: overall architecture. Labels: User_A, User_B, User_C; isFriendOf; isOwnerOf; uploads; Resource_A, Resource_A1, Resource_B; has read access to Resource A; FOAF + SSL; Web Server 1, Web Server 2, Web Server 3, … Web Server n; Preferred Upload Server; Upload Server; Resource Repository; Policy Enforcement Point; Policy Information Point; Authentication & Authorisation Module; Distributed Resource Broker; Publishing WebServer; Publishing Server; Publishing Agent; Publisher; Web Application 1; Provenance Generator; Metadata Generator; action; friendship level. Legend: raw provenance info; structured provenance info; message exchange; graphed information.]
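Added example (not code from the presentation or the project): a toy Python model of the six-step upload workflow and of the "has read access to Resource A" check driven by isFriendOf and friendship level. The WebIDs, hosts, the upload_server profile field and the max_level policy are hypothetical; WebIDs passed in are assumed to be already authenticated, and resource names are assumed to be flat file names.

```python
from collections import deque

# Constructed WebIDs and profiles standing in for FOAF documents. The
# "upload_server" field is hypothetical; the slides name no such property.
A, B, C = (f"https://id.example/{u}#me" for u in "abc")
PROFILES = {
    A: {"upload_server": "https://photos.example", "knows": [B]},
    B: {"upload_server": "https://files.example", "knows": [C]},
    C: {"upload_server": "https://files.example", "knows": [A]},  # C claims A
}


def friendship_level(owner, requester):
    """PIP query: hops from owner to requester, or None if unreachable.
    The walk starts at the owner, so a requester's own claims grant nothing."""
    seen, queue = {owner}, deque([(owner, 0)])
    while queue:
        node, depth = queue.popleft()
        if node == requester:
            return depth
        for friend in PROFILES.get(node, {}).get("knows", []):
            if friend not in seen:
                seen.add(friend)
                queue.append((friend, depth + 1))
    return None


class HostingServer:
    """Holds each resource once; its PEP checks every read (default deny)."""

    def __init__(self, base):
        self.base, self.store = base, {}

    def put(self, owner, name, data, max_level):
        uri = f"{self.base}/{name}"
        if uri in self.store and self.store[uri]["owner"] != owner:
            raise PermissionError("resource belongs to another WebID")
        self.store[uri] = {"owner": owner, "data": data, "max_level": max_level}
        return uri

    def get(self, uri, webid):
        entry = self.store.get(uri)
        if entry is None or webid is None:  # unknown resource or anonymous
            return None
        level = friendship_level(entry["owner"], webid)
        if level is None or level > entry["max_level"]:
            return None
        return entry["data"]


class DistributedResourceBroker:
    """Routes uploads and reads to the owner's hosting server."""

    def __init__(self, servers):
        self.servers = servers  # base URI -> HostingServer

    def upload(self, webid, name, data, max_level):
        base = PROFILES[webid]["upload_server"]  # steps 2-3: upload server URI
        return self.servers[base].put(webid, name, data, max_level)  # steps 4-5

    def fetch(self, uri, webid):
        server = self.servers.get(uri.rsplit("/", 1)[0])
        return server.get(uri, webid) if server else None


class WebApplication:
    """A publishing domain: stores links only, never the resource bytes."""

    def __init__(self, broker):
        self.broker, self.links = broker, []

    def publish(self, webid, name, data, max_level=1):
        uri = self.broker.upload(webid, name, data, max_level)  # step 1
        self.links.append(uri)  # step 6: link to the resource URI
        return uri

    def render(self, webid):
        """Links this viewer may dereference; differs per authenticated WebID."""
        return [u for u in self.links if self.broker.fetch(u, webid) is not None]


def build_testbed():
    """Two publishing domains sharing one broker, as in the slides' test bed."""
    bases = {p["upload_server"] for p in PROFILES.values()}
    servers = {base: HostingServer(base) for base in bases}
    broker = DistributedResourceBroker(servers)
    return WebApplication(broker), WebApplication(broker), servers
```

With max_level=1, User B sees the link on either domain while User C does not, even though C's own profile lists A.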
Test bed (i) 
• Management System (foafserver.*) 
– WebID Authentication 
– Authorisation 
– Identity Provider 
– Resource Hosting 
– Social Relationships 
– Access Policy Management 
• Wordpress Instance A (wordpress.foafserver.*) 
– WebID Authentication + Authorisation 
– Distributed Resource Broker 
• Wordpress Instance B (test.foafserver.*) 
– WebID Authentication 
– Authorisation 
– Distributed Resource Broker 
• User A, User B, User C (isFriendOf, isFriendOf) 
Test bed (ii) 
• http://foafserver.dei.isep.ipp.pt 
• http://wordpress.foafserver.dei.isep.ipp.pt/ 
• http://test.foafserver.dei.isep.ipp.pt/ 
Related Work 
• Priv.ly 
– Client side approach 
  • Client Browser dependent 
– Slow adoption 
  • Depends solely on users 
– Focus only on text data 
• Presented Approach 
– Server side approach 
  • Apache web server dependent 
– Quick adoption 
  • Depends on web domain owners 
– Focus on indivisible resources 
Conclusions 
• Publish resources privately 
– Cross-domain perspective 
– Manage access policies independently of each web domain 
• Resources can be located anywhere 
• Different renderings of the same web page, according to each user's access permissions 
• Keeps every resource trustworthy 
Future Work 
• Address parts of resources 
• Public-key encryption per resource, per identity 
• Blacklisting resources or certain user resources 