My PhD Thesis defence slideshow. The work discusses the influence of mobile context in accessing Linked Data from handheld devices. The work dissects this issue into two research questions: how to enable context-aware adaptation for Linked Data consumption, and how to protect access to RDF stores from context-aware devices.

1. CONTEXT-AWARE
ACCESS CONTROL AND
PRESENTATION OF LINKED DATA
PhD Thesis Defence
Luca COSTABELLO
29 November 2013

2. Mobile Guide
“Is it optimized for my tablet?”
“Does it have a visuallyimpaired mode?”
“Does it provide practical
information when I am on my way?”
Museum triplestore
“Paintings metadata
accessible only to on-site
visitors.”
“Museum Data accessible
this week only”
“Metadata can be edited
by employers only”
2

3. How Does
Mobile Context Influence Linked Data Access?
Mobile Context
Model
Context-Aware
Linked Data
Presentation
Context-Aware
Linked Data
Access control
3

4. Outline
1
Mobile Context Model
2
Presentation Model
3
Error-Tolerant Subgraph Matching
for Context Graphs
4
Access Control Model
5
Enforcing Access Control with
Web Standards
4

5. Outline
1
Mobile Context Model
2
Presentation Model
3
Error-Tolerant Subgraph Matching
for Context Graphs
4
Access Control Model
5
Enforcing Access Control with
Web Standards
5

6. Mobile Context Model
• PRISSMA Ontology
6

7. Domain independence
Coverage
Variable Context
Granularity
Extensibility
Core ontology
approach
Lightweight Ontology
Reuse of Existing
Terms
Availability on the Web
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
PRISSMA
DCO
Hervás
Korpipää
CoDaMoS
CONON
CoOL
SOUPA
Context Ontologies
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
7

8. The PRISSMA vocabulary
http://ns.inria.fr/prissma
8

9. Example: at the museum
:atTheMuseum a prissma:Context ;!
prissma:environment :museumEnv .!
!
prissma:Context
:museumEnv a prissma:Environment ;!
:atTheMuseum
prissma:poi :museumGeo.!
!
prissma:environment
:museumGeo geo:lat "48.86034" ;!
geo:long "2.337599" ;!
prissma:Environment
prissma:radius ”200" .!
:museumEnv
!
prissma:poi
:museumGeo
geo:lat
48.86034
prissma:radius
geo:long
200
2.337599
9

10. Outline
1
Mobile Context Model
2
Presentation Model
3
Error-Tolerant Subgraph Matching
for Context Graphs
4
Access Control Model
5
Enforcing Access Control with
Web Standards
10

11. Presentation Model
• Extending Fresnel with PRISSMA
11

12. ✓
Linked Data
support
Context-awareness
✓ ✓
Standard Languages
✓
✓ ✓
✓
✓ ✓
✓
✓
✓
Runtime adaptation
✓
✓
✓
✓
✓
✓
✓
✓
✓
Multimodality
✓
Client-side only
Evaluation
PRISSMA
CSS Media
Queries
COIN
Adipat
CAMB
MIMOSA
Paternò
Butter
Chamaleon
Zhang
Chen
Laakko
NAC
Adaptive Presentation Frameworks for the Web
✓
✓
✓
✓
✓
✓
✓
✓
✓
12

13. Declarative
approach
Domain
Independence
Standard Languages
Context Awareness
PRISSMA
Fresnel
LDVM
Hide the
Stack
LESS
Tal4Rdf
Xenon
Surrogates
Noadster
Haystack
Presentation Frameworks for the Semantic Web
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
✓
Automatic
stylesheets
✓
Evaluation
✓
Distribution
Multimodality
✓
✓
✓
✓
13

14. Fresnel
[Pietriga et al. 2006]
Content selection
and ordering!
Content formatting
and additional
content!
Styling instructions
for fonts, colors, and
borders!
Retrieved from [Pietriga et al. 2006]
14

15. Fresnel Example
:paintingGroup a fresnel:Group ;!
fresnel:stylesheetLink <http://example.org/style.css> .!
!
!
:paintingLens a fresnel:Lens;!
fresnel:group :paintingGroup ;!
Lens
fresnel:classLensDomain art:Painting ;!
fresnel:showProperties (dc:title!
dc:creator) .!
!
!
:titleFormat a fresnel:Format ;!
!fresnel:group :paintingGroup ;!
Format
!fresnel:propertyFormatDomain dc:title ;!
!fresnel:valueStyle ”title"^^fresnel:styleClass .!
!
!
!
!
!
!
!
!
!
15

16. Extending Fresnel with PRISSMA
PRISSMA Context
Context
Context
Description
PRISSMA Prism
Prism
16

17. Extending Fresnel with PRISSMA
[ISWC DC, 2011]
Prism
fresnel:group
fresnel:Group
Prism
owl:equivalentClass
fresnel:group
fresnel:purpose
fresnel:Lens
fresnel:Format
owl:equivalentClass
fresnel:Purpose
Context
17

18. Prism, Example
Prism
:PaintingPrism a prissma:Prism, fresnel:Group ;!
fresnel:stylesheetLink <http://example.org/style.css> ;!
!fresnel:purpose :atTheMuseum .!
!
:foaflens a fresnel:Lens;!
fresnel:group :foafPrism;!
Lens
fresnel:classLensDomain art:Painting ;!
fresnel:showProperties (foaf:name!
dcn:author) .!
!
:depictionFormat a fresnel:Format ;!
!fresnel:group :foafPrism ;!
Format
!fresnel:propertyFormatDomain foaf:name ;!
!fresnel:valueStyle "depiction"^^fresnel:styleClass .!
!
:atTheMuseum a prissma:Context ;!
Context
prissma:environment :museumEnv .!
!
:museumEnv a prissma:Environment ;!
prissma:poi :museumGeo .!
!
:museumGeo geo:lat "48.86034" ;!
geo:long "2.337599" ;!
prissma:radius ”200" .!
18

19. Examples
PRISSMA Browser for Android
Smartphone, user walking
in museum town.
Tablet, user at home.
19

20. Outline
1
Mobile Context Model
2
Presentation Model
3
Error-Tolerant Subgraph
Matching for Context Graphs
4
Access Control Model
5
Enforcing Access Control with
Web Standards
20

21. Error-Tolerant RDF Matching
• Prism Selection Algorithm
21

22. Presentation Metadata Selection
Prism
Prism
:smartphoneMoving
:tabletAtHome
Prism
:maleVisitorAtTheMuseum
:actualContext
22

23. The Problem of Context Imprecision
Ambiguity
Incompleteness
:user1
:user1
prissma:nearbyEntity
foaf:interest
"computers"
:user1
foaf:interest
"computer science"
Sensor Noise
:poi
geo:lat
prissma:radius
geo:long
:John
:Anita
:Karl
10
48.843453
2.32434
:user1
geo:lat
prissma:nearbyEntity
:Karl
:Anita
:poi
prissma:radius
geo:long
5
48.86034
2.337599
23

24. RDF-specific
✓
✓
✓
PRISSMA
Messmer and
Bunke
Zou
Silk
iSPARQL
Error-tolerant matching for RDF Graphs
✓
Data Heterogeneity
✓
Client-side Execution
✓
Incremental index updates
✓
✓
✓
Selective matching cache
24

25. Adapting Messmer to RDF and Mobile Context
Optimal error-tolerant subgraph isomorphism algorithm
based on graph edit distance.
Extensions:
• Atomic element might be
a graph: Context Units
• Core Classes
:poi
• Entities
geo:lat
prissma:radius
• Literals
geo:long
10
• Geo
48.843453
2.32434
• Time
• Customized Cost Functions
• Strings (Monge-Elkan)
• Geographic (Haversine distance + Decay)
• Temporal (Interval Inclusion + Decay)
• Missing nodes
25

26. Prism Selection: Decomposition
:museumGeo
prissma:Context
prissma:Context
:atTheMuseum
0
prissma:radius
geo:lat
geo:lon
200
48.86034
-2.337599
1
prissma:Environment
2
prissma:environment
:museumEnv
prissma:Environment
prissma:poi
:museumGeo
geo:lat
48.86034
{3,1,2,{prissma:poi}}
prissma:radius
geo:long
200
2.337599
:atTheMuseum
{4,0,3,{prissma:environment}}
Context Units
26

27. Prism Selection: Search Algorithm!
1. Compute context units
isomorphisms costs
prissma:environment
:ActualCtx
1
2
3
4
5
6
7
8
9
foreach context unit S in D do!
compute_subgraph_isomorphisms(S,GI)!
!
C=0!
while C(fcheapest)< T { !
if S1 is Prism then!
prissma:Context
R.add(S1)!
0
!
foreach child of S1 do!
fchild= combine(fS1,fS2)!
10
11
prissma:poi
:actualPOI
:actualEnv
geo:lat
prissma:radius
geo:long
10
}!
return R!
48.843453
2.32434
C=0.34
!
C=0!
:museumGeo
prissma:radius
geo:lat
geo:lon
200
48.86034
-2.337599
1
prissma:Environment
2
{3,1,2,{prissma:poi}}
:atTheMuseum
{4,0,3,{prissma:environment}}
27

28. Prism Selection: Search Algorithm!
prissma:environment
:ActualCtx
1
2
3
4
5
6
7
8
9
foreach context unit S in D do!
compute_subgraph_isomorphisms(S,GI)!
!
C=0!✓
while C(fcheapest)< T { !
if S1 is Prism then!
prissma:Context
R.add(S1)!
0
!
foreach child of S1 do!
fchild= combine(fS1,fS2)!
10
11
prissma:poi
:actualPOI
:actualEnv
geo:lat
prissma:radius
geo:long
10
}!
return R!
48.843453
2.32434
C=0.34
!
C=0!✓
✓
:museumGeo
prissma:radius
geo:lat
geo:lon
200
48.86034
-2.337599
1
prissma:Environment
2
C=0.17! ✓
{3,1,2,{prissma:poi}}
T=0.6!
C=0.09! ✓
2. Combine costs
:atTheMuseum
{4,0,3,{prissma:environment}}
28

29. Evaluation: Memory Consumption
250
20
Memory [KB]
25
Decomposition Items
300
200
150
100
50
0
0.1
0.3
0.5
0.7
0.9
Percentage of common context units
Total decomposition Items
Context Units (decomposition)
Context Units (raw prisms)
15
10
5
0
0.1
0.3
0.5
0.7
0.9
Percentage of common context units
PRISSMA decomposition
Jena Models
29

30. Evaluation: Response Time
→
If prisms are completely different
if prisms are highly
similar
30

31. Outline
1
Mobile Context Model
2
Presentation Model
3
Error-Tolerant Subgraph Matching
for Context Graphs
4
Access Control Model
5
Enforcing Access Control with
Web Standards
31

32. Access Control Model
32

33. SPARQL
✓
✓
Policies in RDF/
SPARQL
✓
✓
Context Awareness
✓
✓
✓
✓
✓
✓
Resource-level
Granularity
Shi3ld
ubiCosm
PPO
✓
✓
Attribute-Based AC
Model
Flouris
Abel
✓
✓
Finin
HTTP Operations
Proteus
WAC
Access Control Frameworks
✓
✓
✓
✓
✓
✓
✓
✓
✓
Conflict Verification
✓
✓
✓
Evaluation
✓
✓
✓
✓
✓
33

34. Context-Aware Access Control Model
[ECAI 2012]
s4ac:[Villata 2011]
DisjunctiveACS
subClassOf
hasAccessPrivilege
hasAccessConditionSet
subClassOf
ConjunctiveACS
appliesTo
AccessPolicy
AccessPrivilege
AccessConditionSet
hasAccessCondition
AccessCondition
hasQueryAsk
Device
device
hasContext
Context
User
user
environment
Environment
34

35. Sample Access Policy
:policy1 a s4ac:AccessPolicy; !
Protected resource
s4ac:appliesTo :resource; !
s4ac:hasAccessPrivilege s4ac:Read;!
s4ac:hasAccessConditionSet :acs1.!
!
Access Condition to be verified:
:acs1 a s4ac:AccessConditionSet; !
«User must be John and request must
s4ac:hasAccessCondition :ac1.!
come from a specific location»
!
:ac1 a s4ac:AccessCondition;!
! s4ac:hasQueryAsk !
!"""ASK !
!
!{?ctx a prissma:Context; !
!
!
prissma:environment ?env;!
!
!
prissma:user <http://example.org/john.rdf#me>. !
!
!?env prissma:currentPOI ?poi. !
!
!?poi prissma:based_near ?p.!
!
!?p geo:lat ?lat;geo:lon ?lon.!
!
!FILTER(((?lat-45.8483) > 0 && (?lat-45.8483) < 0.5!
!
!|| (?lat-45.8483) < 0 && (?lat-45.8483) > -0.5)!
!
!&& ((?lon-7.3263) > 0 && (?lon-7.3263) < 0.5 !
!
!|| (?lon-7.3263) < 0 && (?lon-7.3263) > -0.5 ))}""".!
35

36. Policy Manager
New Named Graph
creation
Access Privileges assignment
36

37. Policy Manager
Location-based access condition
Time-based access condition
37

38. Outline
1
Mobile Context Model
2
Presentation Model
3
Error-Tolerant Subgraph Matching
for Context Graphs
4
Access Control Model
5
Enforcing Access Control
38

39. Enforcing Access Control
• The Shi3ld Framework
39

40. Shi3ld Framework
SPARQL (Shi3ld-SPARQL)
[ECAI 2012]
SELECT … !
WHERE {…}!
GET /data/resource HTTP/1.1!
HTTP Operations (Shi3ld-HTTP)
[ESWC 2013]
• SPARQL Graph Store Protocol (GSP)
• Linked Data Platform (SPARQL-less)
40

41. Authorization Procedure
1. Adding Client Attributes to the Query (SPARQL)
SELECT … !
WHERE {…}!
+
INSERT DATA { !
GRAPH :ctx1{…}
}!
:ctx_AC1
p:user p:environment
Context
user
device environment
Device
Environment
:env_AC1
<http://carl-johnson.org#me>
p:nearbyEntity
User
p:nearbyEntity
"male"
foaf:gender
<http://alice.org#me>
41

42. Authorization Procedure
1. Adding Client Attributes to the Query (HTTP)
GET /data/resource HTTP/1.1!
Host: example.org!
!
Authorization: Shi3ld <...>!
:ctx_AC1
Context
p:user p:environment
user
device environment
User
Device
Environment
:env_AC1
<http://carl-johnson.org#me>
p:nearbyEntity
p:nearbyEntity
"male"
foaf:gender
<http://alice.org#me>
42

43. Authorization Procedure
2. Access Conditions Execution
=
ASK {?context a prissma:Context; !
prissma:user ?u;!
prissma:environment ?e.!
?u rel:employedBy :Louvre_Museum.!
?e prissma:nearbyEntity :Director. !
} !
VALUES (?context) {(:client_attributes)}!
GET /data/resource HTTP/1.1!
Host: example.org!
Authorization: Shi3ld <...>!
"false"
INSERT DATA { !
GRAPH :ctx1{…}
}!
43

44. Authorization Procedure
3. Response Construction (SPARQL)
:ng1!
:ng3!
:ng2!
SELECT … !
WHERE {…}!
SELECT …!
FROM :ng2,:ng3!
WHERE {…}!
44

45. Authorization Procedure
3. Response Construction (HTTP)
401 Unauthorized!
45

46. Response Time Evaluation (Shi3ld-SPARQL)
Corese-KGRAM SPARQL Engine 3.0.14 with Berlin SPARQL Benchmark Dataset 3.1
Dataset size still predominant
Small fraction access granted → Faster
More context updates, more consumers → Slower
46

47. Response Time Evaluation (Shi3ld-HTTP)
Jena Fuseki 0.2.6 (Shi3ld-GSP), Corese-KGRAM 3.0.14 (Shi3ld-LDP)
• Response time linear w/ AC number
• Shi3ld-HTTP SPARQL-less: 25% faster
• AC complexity does not affect
response time
47

48. Conclusions
48

49. How Does
Mobile Context Influence Linked Data Access?
1
Mobile Context Model
2
Presentation Model
3
Error-Tolerant Subgraph Matching
for Context Graphs
4
Access Control Model
5
Enforcing Access Control with
Web Standards
49

50. Limitations and Open Issues
1
Mobile Context Model
2
Presentation Model
3
Prisms Distribution: Linked
Presentation-level Metadata.
Machine learning to optimize cost
functions parameterization.
Error-Tolerant Subgraph Matching
for Context Graphs
User acceptability evaluation
campaign.
4
5
Access Control Model
Enforcing Access Control with
Web Standards
Explanation mechanism for
“access denied” responses.
Trustworthiness of Client
Context
Deeper privacy-preserving
mechanism.
50

51. Perspectives
Context-based Linked Data Discovery
Enhanced Information Retrieval for mobile users
Web of Data interlinking
51

52. • L. Costabello. PRISSMA, Towards Mobile Adaptive Presentation of the Web of Data.
Doctoral Consortium, ISWC 2011.
• L. Costabello, S. Villata, N. Delaforge and F. Gandon. Linked Data Access Goes Mobile:
Context-Aware Authorization for Graph Stores, LDOW 2012.
• L. Costabello, S. Villata and F. Gandon. Context-Aware Access Control for RDF Graph
Stores. ECAI 2012.
• S. Villata, L. Costabello, N. Delaforge and F. Gandon. A Social Semantic Web Access
Control Model. Journal on Data Semantics, Springer, 2013.
• L. Costabello, S. Villata. O. Rodriguez-Rocha and F. Gandon. Access Control for HTTP
Operations on Linked Data, ESWC 2013.
PRISSMA
wimmics.inria.fr/projects/prissma
Shi3ld
wimmics.inria.fr/projects/shi3ld
http://luca.costabello.info
Thanks
52