Linked Data with Access Control 
PhD Viva 
Sabrina Kirrane
Background & Problem Statement 
1.1
Publishing and Consuming Linked Data 
[Diagram labels: RDB2RDF, Interface]
Research Questions 
1. When relational data is exposed as RDF, how can we ensure 
the original access control policies are applied to the RDF 
data? 
2. Beyond triple level access control, what rules are necessary 
to support existing access control models and to simplify 
access control specification and maintenance? 
3. What adjustments need to be made to SPARQL queries, to 
ensure that only authorised data is returned? 
4. What components are required to support the specification, 
enforcement and administration of access control for the 
Linked Data Web?
Access Control Entities 
Users e.g. JBloggs, MRyan 
Roles e.g. manager, supervisor 
Groups e.g. humanResources, sales 
Attributes e.g. (employer, NUIG), (policyNumber, 565656) 
Create, Read, Update, Delete 
Triples 
The 28th International Conference on Logic Programming, ICLP 2012. 
The 2nd Joint International Semantic Technology Conference, JIST 2012.
Associating Permissions with RDF 
Zimmermann, A., Lopes, N., Polleres, A., Straccia, U. 2012. 
A general framework for representing, reasoning and 
querying with annotated semantic web data. 
Allows domain-specific metadata to be attached to triples
Fuzzy 
:joeBloggs :worksFor :westportCars [ 0.5 ] 
Temporal 
:joeBloggs :worksFor :westportCars [ 2010, 2012 ] 
Provenance 
:joeBloggs :worksFor :westportCars [ :employeeDetails ] 
Access Control 
:joeBloggs :worksFor :westportCars [ [Read] [Update] [Delete] ] 
Supports both merging and inference
⊕ domain operator = disjunction
⊗ domain operator = conjunction
Lifting both Data and Policies 
Employee
EmployeeID  Name        Salary
JBloggs     Joe Bloggs  60000
Permissions
ID  Type  Entity    Access
HR  Role  Employee  Read
PermissionsForEmployee
EmployeeID  Name        Salary  RoleID
JBloggs     Joe Bloggs  60000   HR
Use RDB2RDF to extract details of all employees and the roles that can access their data:
prefix : <http://urq.deri.org/enterprise#>
FOR Id, Name, Salary, Role
FROM PermissionsForEmployee
CONSTRUCT {
  :{ $Id } a foaf:Person [ [{ $Role }] [] [] ] ;
    foaf:name "{ $Name }" [ [{ $Role }] [] [] ] ;
    :salary { $Salary } [ [{ $Role }] [] [] ] .
}
Resulting annotated triples:
prefix : <http://urq.deri.org/enterprise#>
:JBloggs rdf:type foaf:Person [ [HR] [] [] ] ;
  foaf:name "Joe Bloggs" [ [HR] [] [] ] ;
  :salary 60000 [ [HR] [] [] ] .
Evaluating Triple Based Access Control 
Objective 
Examine the performance overhead associated with access control 
Dataset 
Enterprise Software Applications 
Document Management System 
Timesheet System 
Datasets of increasing size
                DS1     DS2     DS3     DS4
Records         9990    17692   33098   63909
Triples         62296   123920  247160  493648
File size (MB)  7.6     14.9    29.9    59.6
Evaluation Results and Limitations 
[Charts: overhead associated with access control; performance improvement for 2+ triple patterns]
Known Limitations
Research Questions 
1. When relational data is exposed as RDF, how can we ensure 
the original access control policies are applied to the RDF 
data? 
2. Beyond triple level access control, what rules are necessary 
to support existing access control models and to simplify 
access control specification and maintenance? 
3. What adjustments need to be made to SPARQL queries, to 
ensure that only authorised data is returned? 
4. What components are required to support the specification, 
enforcement and administration of access control for the 
Linked Data Web?
What rules are necessary for access 
control over RDF data? 
Discretionary Access Control (DAC) 
• Central access control policy 
• Users are allowed to override the central policy 
• Users can pass their access rights on to others (known as delegation) 
28th IFIP TC-11 International Information Security and Privacy Conference, SEC 2013. 
12th International Semantic Web Conference, ISWC 2013.
DAC for the RDF Data Model 
Ability to delegate access rights to others 
grant/revoke 
Data and Schema based authorisations 
triple(s), subject, object, property, named graph – RDF Quad Pattern 
RDFS/OWL, Authorisation hierarchies 
Access Rights tightly coupled with operations 
select, construct, ask, describe 
insert, delete, insert/delete 
drop, create, copy, move, add 
Conflict Resolution 
denial takes precedence 
explicit over implicit 
exploit hierarchies 
Integrity Constraints
ensure the create, copy, move, add permissions are assigned to named graphs 
Access Control Entities 
Users e.g. joeBloggs, johnSmith 
Roles e.g. manager, supervisor 
Groups e.g. humanResources, sales 
Attributes e.g. (employer, NUIG), (policyNumber, 565656) 
Create, Read, Update, Delete 
Select, Construct, Ask, Describe, 
Insert, Delete, 
Delete/Insert 
Create, Copy, Move, Add, Drop 
Triple 
RDF Quad Patterns 
Redundant 
Redundant 
What rules are necessary to support DAC over RDF data? 
Jajodia, S., Samarati, P., Sapino, M. L., Subrahmanian, V. S. 
Flexible support for multiple access control policies. 2001. 
Hierarchical Data 
System Components 
Hierarchical Data System Components 
Jajodia, S., Samarati, P., Sapino, M. L., Subrahmanian, V. S. 
Flexible support for multiple access control policies. 2001. 
Users/Groups Roles 
Access Rights Resources 
What rules are necessary to support DAC over RDF data? 
Jajodia, S., Samarati, P., Sapino, M. L., Subrahmanian, V. S. 
Flexible support for multiple access control policies. 2001. 
Graph Based Data 
System Components 
Graph Based Data System Components 
Subjects 
Access Rights Resources
What rules are necessary to support DAC over RDF data? 
Jajodia, S., Samarati, P., Sapino, M. L., Subrahmanian, V. S. 
Flexible support for multiple access control policies. 2001. 
Authorisations
<Sub, AR, Sign, Res, Type, By>
Propagation Rules
Auth_x ← Auth_y ∧ GraphPattern
Conflict Resolution Policies
Auth_x ← Auth_x > Auth_y
Integrity Constraints
Error ← Auth_x
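Added example (not code from the slides or the thesis): a small Python model of the four components listed above. The field meanings (Res as an RDF quad pattern, Type as explicit or implicit, By as the grantor), the class-to-instance propagation rule, the order in which the conflict policies are applied, the default denial, and all sample data are assumptions made for illustration.

```python
from collections import namedtuple

# <Sub, AR, Sign, Res, Type, By> as on the slide. Assumed meanings: Res is an
# RDF quad pattern, Type is "explicit" or "implicit", By is the grantor.
Auth = namedtuple("Auth", "sub ar sign res type by")

GRAPH_RIGHTS = {"create", "copy", "move", "add"}  # must target a named graph

# Constructed sample quads and authorisations (terms starting with "?" are variables).
DATA = [
    (":JBloggs", "rdf:type", ":Employee", ":HR"),
    (":MRyan", "rdf:type", ":Employee", ":HR"),
]
AUTHS = [
    Auth(":hr", "select", "+", (":Employee", "?p", "?o", ":HR"), "explicit", ":admin"),
    Auth(":hr", "select", "-", (":MRyan", "?p", "?o", ":HR"), "explicit", ":admin"),
    Auth(":hr", "insert", "+", (":Employee", "?p", "?o", ":HR"), "explicit", ":admin"),
    Auth(":hr", "insert", "-", (":Employee", "?p", "?o", ":HR"), "explicit", ":MRyan"),
    Auth(":hr", "copy", "+", (":JBloggs", "?p", "?o", "?g"), "explicit", ":admin"),
]


def covers(res, quad):
    """True if the quad pattern `res` matches the concrete quad."""
    return all(t.startswith("?") or t == v for t, v in zip(res, quad))


def propagate(auths, data):
    """Auth_x <- Auth_y AND GraphPattern: an authorisation whose resource
    subject is a class is copied, as 'implicit', to every instance of it."""
    derived = []
    for a in auths:
        cls, p, o, g = a.res
        for inst, pred, obj, _ in data:
            if pred == "rdf:type" and obj == cls:
                derived.append(a._replace(res=(inst, p, o, g), type="implicit"))
    return derived


def decide(sub, ar, quad, auths):
    """Conflict resolution: explicit over implicit, then denial takes
    precedence. With no applicable authorisation the request is denied."""
    hits = [a for a in auths
            if a.sub == sub and a.ar == ar and covers(a.res, quad)]
    explicit = [a for a in hits if a.type == "explicit"]
    hits = explicit or hits
    if any(a.sign == "-" for a in hits):
        return False
    return any(a.sign == "+" for a in hits)


def integrity_errors(auths):
    """Error <- Auth_x: graph-level rights must name a graph, not a variable."""
    return [a for a in auths
            if a.ar in GRAPH_RIGHTS and a.res[3].startswith("?")]


def policy():
    """Explicit authorisations plus everything the propagation rule derives."""
    return AUTHS + propagate(AUTHS, DATA)


if __name__ == "__main__":
    p = policy()
    for who in (":JBloggs", ":MRyan"):
        quad = (who, ":salary", "60000", ":HR")
        print(who, "select ->", decide(":hr", "select", quad, p))
    print("integrity errors:", [a.ar for a in integrity_errors(AUTHS)])
```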
Evaluating Graph Based Access Control 
Objective 
Overhead associated with access control over increasing: 
• datasets 
• authorisations 
Dataset 
Berlin SPARQL Benchmark Dataset 
Query and authorisation generator 
Datasets of increasing size
                DS1     DS2     DS3      DS4      DS5
Quads           250223  500258  1000109  2000164  4000936
File size (MB)  24.5    49      98       195      391
Authorisation sets of increasing size
                AS1     AS2     AS3      AS4      AS5
Quads           60000   120000  240000   480000   960000
File size (MB)  6.5     13      26       53       105
Evaluation Results and Limitations 
Select queries over increasing triples 250223 – 4000936
• all quads (?S ?P ?O ?G)
• a particular graph (?S ?P ?O G1)
• all quads of type (?S rdf:type bsbm:Offer ?G)
• all classes (?S rdf:type rdf:Class)
• all properties (?S rdf:type rdf:Property)
Rules over increasing authorisations 60000 – 960000
• Classes to all instances of that class
• Properties to all instances of that property
• Instance to properties associated with that instance
Known Limitations 
• Need access to all quad patterns to execute the query 
• Access Control correctness an open issue
Research Questions 
1. When relational data is exposed as RDF, how can we ensure 
the original access control policies are applied to the RDF 
data? 
2. Beyond triple level access control, what rules are necessary 
to support existing access control models and to simplify 
access control specification and maintenance? 
3. What adjustments need to be made to SPARQL queries, to 
ensure that only authorised data is returned? 
4. What components are required to support the specification, 
enforcement and administration of access control for the 
Linked Data Web?
SPARQL 1.1 Query Categories 
SPARQL Queries 
• Basic graph patterns and aggregates 
• Negation and subqueries 
SPARQL Updates 
• Insert/delete 
• Insert and Delete 
• Graph based update operations
Rewriting SPARQL BGPs & Aggregates 
Unauthorised quad pattern:
:MRyan :salary ?o :Employee
Original query:
SELECT ?id ?name ?salary
WHERE { GRAPH ?g {
  ?id foaf:name ?name . ?id :salary ?salary } }
Rewritten query:
SELECT ?id ?name ?salary
WHERE { GRAPH ?g {
  ?id foaf:name ?name . ?id :salary ?salary
  FILTER NOT EXISTS { GRAPH :Employee {
    ?id foaf:name ?name . ?id :salary ?salary
    FILTER(?id = :MRyan) } }
} }
Rewriting SPARQL Subqueries and Filters 
Unauthorised quad pattern:
:MRyan :worksFor ?o :OrgStructure
Original query:
SELECT DISTINCT ?employee ?manager
WHERE { GRAPH ?g { ?x foaf:name ?employee . ?y foaf:name ?manager
  { SELECT ?x ?y WHERE { GRAPH :OrgStructure { ?x :worksFor ?y
  } } }
} }
Rewritten query:
SELECT DISTINCT ?employee ?manager
WHERE { GRAPH ?g { ?x foaf:name ?employee . ?y foaf:name ?manager
  { SELECT ?x ?y WHERE { GRAPH :OrgStructure { ?x :worksFor ?y
    FILTER NOT EXISTS {
      GRAPH :OrgStructure { ?x :worksFor ?y
      FILTER ( ?x = :MRyan ) } }
  } } }
} }
Rewriting SPARQL Update Queries 
DELETE/INSERT 
• Apply SELECT query rewriting strategy 
DELETE DATA and INSERT DATA. 
• Remove unauthorised quads from the query 
CLEAR and DROP. 
• DELETE from target graph 
ADD and LOAD. 
• INSERT into target graph 
COPY. 
• DELETE from the destination graph 
• INSERT into destination graph 
MOVE. 
• DELETE from the destination graph 
• INSERT into destination graph 
• DELETE from the source graph
Access Control Correctness 
Wang, Q., Yu, T., Li, N., Lobo, J., Bertino, E., Irwin, K., Byun, J.-W.
Correctness criteria for fine-grained access control in relational databases. 2007.
Secure - does not return information which has not been authorised
Sound - does not return invalid results
Maximum - returns as much information as possible without violating the secure and sound constraints
State 1 
State 2
Access Control Correctness
Evaluating Query Rewriting Correctness 
Objective 
Compare the results returned by our query rewriting algorithm to the results 
returned by a standard SPARQL query over a filtered dataset 
• Basic graph patterns and aggregates 
• Negation and subqueries 
• Insert/delete 
• Insert and delete 
• Graph based update operations 
Dataset
• Automatically generate a set of authorisations from all 2^4 possible combinations (of constants and variables) for each quad in the BSBM dataset
• Systematically generate queries for each of the 19104 RDF quad patterns
As SPARQL queries are based on basic graph pattern matching, if we can prove correctness for all possible authorisations over the different query types, the data itself is irrelevant
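Added example (not code from the slides or the thesis): a small Python model of the comparison described above, in which a rewritten query over the full dataset is checked against a standard query over a filtered dataset. It covers basic graph patterns only; the sample quads, the graph name :Directory, the function names, the per-pattern form of the rendered FILTER NOT EXISTS clause, and the way secure, sound and maximum are tested are assumptions made for illustration.

```python
# Terms starting with "?" are variables; everything else is a constant.

# Constructed sample quads: (subject, predicate, object, graph).
QUADS = [
    (":JBloggs", "foaf:name", '"Joe Bloggs"', ":Employee"),
    (":JBloggs", ":salary", "60000", ":Employee"),
    (":MRyan", "foaf:name", '"May Ryan"', ":Employee"),
    (":MRyan", ":salary", "75000", ":Employee"),
    (":MRyan", "foaf:name", '"May Ryan"', ":Directory"),
    (":MRyan", ":salary", "75000", ":Directory"),
]
# GRAPH ?g { ?id foaf:name ?name . ?id :salary ?salary }
QUERY = [("?id", "foaf:name", "?name", "?g"), ("?id", ":salary", "?salary", "?g")]
# Unauthorised quad pattern from the slide.
DENIED = [(":MRyan", ":salary", "?o", ":Employee")]


def is_var(term):
    return term.startswith("?")


def match(pattern, quad, binding):
    """Extend `binding` so that `pattern` equals `quad`, or return None."""
    result = dict(binding)
    for term, value in zip(pattern, quad):
        if is_var(term):
            if result.setdefault(term, value) != value:
                return None
        elif term != value:
            return None
    return result


def evaluate(bgp, quads):
    """All solutions (variable bindings) of a list of quad patterns."""
    solutions = [{}]
    for pattern in bgp:
        solutions = [ext for sol in solutions for quad in quads
                     if (ext := match(pattern, quad, sol)) is not None]
    return solutions


def is_denied(quad, denied):
    return any(match(d, quad, {}) is not None for d in denied)


def evaluate_rewritten(bgp, denied, quads):
    """Query the full dataset, then apply the NOT EXISTS filters: drop a
    solution if any quad it was built from matches a denied pattern."""
    return [sol for sol in evaluate(bgp, quads)
            if not any(is_denied(tuple(sol.get(t, t) for t in p), denied)
                       for p in bgp)]


def evaluate_filtered(bgp, denied, quads):
    """Baseline: the unmodified query over a dataset without denied quads."""
    return evaluate(bgp, [q for q in quads if not is_denied(q, denied)])


def not_exists_filters(bgp, denied):
    """Render one FILTER NOT EXISTS clause per query pattern that can overlap
    a denied pattern. Assumes denied patterns do not repeat a variable."""
    clauses = []
    for s, p, o, g in bgp:
        for d in denied:
            pairs = list(zip((s, p, o, g), d))
            if not all(is_var(a) or is_var(b) or a == b for a, b in pairs):
                continue  # constants clash, so the patterns never overlap
            tests = [f"{a} = {b}" for a, b in pairs if is_var(a) and not is_var(b)]
            cond = f" FILTER ( {' && '.join(tests)} )" if tests else ""
            clauses.append(
                f"FILTER NOT EXISTS {{ GRAPH {g} {{ {s} {p} {o}{cond} }} }}")
    return clauses


def canon(solutions):
    return sorted(tuple(sorted(s.items())) for s in solutions)


def check(bgp, denied, quads):
    """Compare the rewritten evaluation with the filtered-dataset baseline."""
    full = canon(evaluate(bgp, quads))
    rewritten = canon(evaluate_rewritten(bgp, denied, quads))
    baseline = canon(evaluate_filtered(bgp, denied, quads))
    return {
        "sound": all(r in full for r in rewritten),        # no invalid results
        "secure": all(r in baseline for r in rewritten),   # nothing unauthorised
        "maximum": all(b in rewritten for b in baseline),  # nothing lost
        "solutions": rewritten,
    }


if __name__ == "__main__":
    print("\n".join(not_exists_filters(QUERY, DENIED)))
    print(check(QUERY, DENIED, QUADS))
```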
Evaluating Query Rewriting Correctness 
Results 
The proposed query rewriting algorithm is secure, sound and maximum 
for: 
• Basic graph patterns and aggregates 
• Negation and subqueries 
• Insert/delete 
• Insert and delete 
• Graph based update operations 
Exception 
In the case of property paths the query rewriting algorithm is not maximum 
Example 
FILTER NOT EXISTS { 
GRAPH ?g { ?employee :worksFor+ ?manager 
FILTER ( ?employee = :MRyan ) } }
Performance Evaluation 
[Charts: Queries, Negation, Triple Updates, Graph Updates; axis: time in milliseconds]
Known Limitations
Research Questions 
1. When relational data is exposed as RDF, how can we ensure 
the original access control policies are applied to the RDF 
data? 
2. Beyond triple level access control, what rules are necessary 
to support existing access control models and to simplify 
access control specification and maintenance? 
3. What adjustments need to be made to SPARQL queries, to 
ensure that only authorised data is returned? 
4. What components are required to support the specification, 
enforcement and administration of access control for the 
LDW?
Publishing and Consuming Linked Data 
[Diagram label: RDB2RDF]
Linked Data Authorisation Architecture 
[Diagram label: RDB2RDF]
Enforce access control policies
Extract both data and permissions
Source the individual PDFs
Conclusions 
1. When relational data is exposed as RDF, how can we ensure 
the original access control policies are applied to the RDF 
data? 
Use RDB2RDF to extract and associate permissions with 
triples 
2. Beyond triple level access control, what rules are necessary to 
support existing access control models and to simplify access 
control specification and maintenance? 
The graph based authorisation flexible framework 
• Authorisations 
• Propagation rules 
• Conflict resolution policies 
• Integrity constraints
Conclusions 
3. What adjustments need to be made to SPARQL queries, to 
ensure that only authorised data is returned? 
Query rewriting strategy 
• FILTER NOT EXISTS expressions 
• Remove triples from insert and delete data queries 
• Rewrite update queries as INSERT/DELETE queries 
4. What components are required to support the specification, 
enforcement and administration of access control for the 
LDW? 
The Linked Data Authorisation Architecture includes: 
• Authorisation Interface 
• Query Engine 
• Authorisation Framework
Linked Data with Access Control 
Next Steps 
Privacy 
• Reasoning over privacy policies 
Context Awareness 
• Reasoning over contextual data 
• Efficient reasoning over streaming data 
Usability & Understandability 
• Graph based data clustering and visualisation techniques 
o examine the interplay between authorisations and rules 
o determine the impact of new authorisations 
Explanations & Negotiation 
• Potential security impact associated with explanations

All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...amber724300
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...itnewsafrica
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 

Dernier (20)

A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
Irene Moetsana-Moeng: Stakeholders in Cybersecurity: Collaborative Defence fo...
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks  and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 

Sabrina Kirrane INSIGHT Viva Presentation

  • 1. Linked Data with Access Control PhD Viva Sabrina Kirrane
  • 2. Background & Problem Statement 1.1
  • 3. Publishing and Consuming Linked Data RDB2RDF RDB2RDF RDB2RDF Interface
  • 4. Research Questions 1. When relational data is exposed as RDF, how can we ensure the original access control policies are applied to the RDF data? 2. Beyond triple level access control, what rules are necessary to support existing access control models and to simplify access control specification and maintenance? 3. What adjustments need to be made to SPARQL queries, to ensure that only authorised data is returned? 4. What components are required to support the specification, enforcement and administration of access control for the Linked Data Web?
  • 5. Access Control Entities Users e.g. JBloggs, MRyan Roles e.g. manager, supervisor Groups e.g. humanResources, sales Attributes e.g. (employer, NUIG), (policyNumber, 565656) Create, Read, Update, Delete Triples The 28th International Conference on Logic Programming, ICLP 2012. The 2nd Joint International Semantic Technology Conference, JIST 2012.
  • 6. Associating Permissions with RDF Zimmermann, A., Lopes, N., Polleres, A., Straccia, U. 2012. A general framework for representing, reasoning and querying with annotated semantic web data. Allows domain specific meta data to be attached to triples Fuzzy :joeBloggs :worksFor :westportCars [ 0.5 ] Temporal :joeBloggs :worksFor :westportCars [ 2010, 2012 ] Provenance :joeBloggs :worksFor :westportCars [ :employeeDetails ] Access Control :joeBloggs :worksFor :westportCars [ [Read] [Update] [Delete] ] Supports both merging and inference ⊕ domain operator = disjunction ⊗ domain operator = conjunction The 28th International Conference on Logic Programming, ICLP 2012. The 2nd Joint International Semantic Technology Conference, JIST 2012.
  • 7. Lifting both Data and Policies Employee Permissions EmployeeID Name Salary JBloggs Joe Bloggs 60000 ID Type Entity Access HR Role Employee Read PermissionsForEmployee Use RDB2RDF to Extract details of all employees and the roles that can access their data prefix :<http://urq.deri.org/enterprise#> :JBloggs rdf:type foaf:Person [ [HR] [] [] ]; foaf:name "Joe Bloggs" [ [HR] [] [] ]; :salary 60000 [ [HR] [] [] ]. prefix :<http://urq.deri.org/enterprise#> FOR Id, Name, Salary, Role FROM PermissionsForEmployee CONSTRUCT { :{ $Id } a foaf:Person [ [{ $Role }] [] [] ]; foaf:name "{ $Name }" [ [{ $Role }] [] [] ]; :salary { $Salary } [ [{ $Role }] [] [] ]. } EmployeeID Name Salary RoleID JBloggs Joe Bloggs 60000 HR The 28th International Conference on Logic Programming, ICLP 2012. The 2nd Joint International Semantic Technology Conference, JIST 2012.
  • 8. Evaluating Triple Based Access Control Objective Examine the performance overhead associated with access control Dataset Enterprise Software Applications Document Management System Timesheet System Datasets of increasing size DS1 DS2 DS3 DS4 Records 9990 17692 33098 63909 Triples 62296 123920 247160 493648 File size (MB) 7.6 14.9 29.9 59.6 The 28th International Conference on Logic Programming, ICLP 2012. The 2nd Joint International Semantic Technology Conference, JIST 2012.
  • 9. Evaluation Results and Limitations Overhead associated with access control Performance Improvement for 2+ Triple Patterns The 28th International Conference on Logic Programming, ICLP 2012. The 2nd Joint International Semantic Technology Conference, JIST 2012.
  • 11. Research Questions 1. When relational data is exposed as RDF, how can we ensure the original access control policies are applied to the RDF data? 2. Beyond triple level access control, what rules are necessary to support existing access control models and to simplify access control specification and maintenance? 3. What adjustments need to be made to SPARQL queries, to ensure that only authorised data is returned? 4. What components are required to support the specification, enforcement and administration of access control for the Linked Data Web?
  • 12. What rules are necessary for access control over RDF data? Discretionary Access Control (DAC) • Central access control policy • Users are allowed to override the central policy • Users can pass their access rights on to others (known as delegation) 28th IFIP TC-11 International Information Security and Privacy Conference, SEC 2013. 12th International Semantic Web Conference, ISWC 2013.
  • 13. DAC for the RDF Data Model Ability to delegate access rights to others grant/revoke Data and Schema based authorisations triple(s), subject, object, property, named graph – RDF Quad Pattern RDFS/OWL, Authorisation hierarchies Access Rights tightly coupled with operations select, construct, ask, describe insert, delete, insert/delete drop, create, copy, move, add Conflict Resolution denial takes precedence explicit over implicit exploit hierarchies Integrity Constraints ensure the create, copy, move, add permissions are assigned to named graphs 28th IFIP TC-11 International Information Security and Privacy Conference, SEC 2013. 12th International Semantic Web Conference, ISWC 2013.
  • 14. Access Control Entities Users e.g. joeBloggs, johnSmith Roles e.g. manager, supervisor Groups e.g. humanResources, sales Attributes e.g. (employer, NUIG), (policyNumber, 565656) Create, Read, Update, Delete Select, Construct, Ask, Describe, Insert, Delete, Delete/Insert Create, Copy, Move, Add, Drop Triple RDF Quad Patterns Redundant Redundant 28th IFIP TC-11 International Information Security and Privacy Conference, SEC 2013. 12th International Semantic Web Conference, ISWC 2013.
  • 15. What rules are necessary to support DAC over RDF data? Jajodia, S., Samarati, P., Sapino, M. L., Subrahmanian, V. S. Flexible support for multiple access control policies. 2001. Hierarchical Data System Components 28th IFIP TC-11 International Information Security and Privacy Conference, SEC 2013. 12th International Semantic Web Conference, ISWC 2013.
  • 16. Hierarchical Data System Components Jajodia, S., Samarati, P., Sapino, M. L., Subrahmanian, V. S. Flexible support for multiple access control policies. 2001. Users/Groups Roles Access Rights Resources 28th IFIP TC-11 International Information Security and Privacy Conference, SEC 2013. 12th International Semantic Web Conference, ISWC 2013.
  • 17. What rules are necessary to support DAC over RDF data? Jajodia, S., Samarati, P., Sapino, M. L., Subrahmanian, V. S. Flexible support for multiple access control policies. 2001. Graph Based Data System Components 28th IFIP TC-11 International Information Security and Privacy Conference, SEC 2013. 12th International Semantic Web Conference, ISWC 2013.
  • 18. Graph Based Data System Components 28th IFIP TC-11 International Information Security and Privacy Conference, SEC 2013. 12th International Semantic Web Conference, ISWC 2013. Subjects Access Rights Resources
  • 19. What rules are necessary to support DAC over RDF data? Jajodia, S., Samarati, P., Sapino, M. L., Subrahmanian, V. S. Flexible support for multiple access control policies. 2001. Authorisations <Sub, AR, Sign, Res, Type, By> Propagation Rules Authx ← Authy ∧ GraphPattern Conflict Resolution Policies Authx ← Authx > Authy Integrity Constraints Error ← Authx 28th IFIP TC-11 International Information Security and Privacy Conference, SEC 2013. 12th International Semantic Web Conference, ISWC 2013.
  • 20. Evaluating Graph Based Access Control Objective Overhead associated with access control over increasing: • datasets • authorisations Dataset Berlin SPARQL Benchmark Dataset Query and authorisation generator Datasets of increasing size DS1 DS2 DS3 DS4 DS5 Quads 250223 500258 1000109 2000164 4000936 File size (MB) 24.5 49 98 195 391 Authorisation sets of increasing size AS1 AS2 AS3 AS4 AS5 Quads 60000 120000 240000 480000 960000 File size (MB) 6.5 13 26 53 105
  • 21. Evaluation Results and Limitations Rules over increasing authorisations 60000 – 960000 Select queries over increasing triples 250223 – 4000936 • all quads (?S ?P ?O ?G) • a particular graph (?S ?P ?O G1) • all quads of type (?S rdf:type bsbm:Offer ?G) • all classes (?S rdf:type rdf:Class) • all properties (?S rdf:type rdf:Property) • Classes to all instances of that class • Properties to all instances of that property • Instance to properties associated with that instance 28th IFIP TC-11 International Information Security and Privacy Conference, SEC 2013. 12th International Semantic Web Conference, ISWC 2013.
  • 22. Known Limitations • Need access to all quad patterns to execute the query • Access Control correctness an open issue
  • 23. Research Questions 1. When relational data is exposed as RDF, how can we ensure the original access control policies are applied to the RDF data? 2. Beyond triple level access control, what rules are necessary to support existing access control models and to simplify access control specification and maintenance? 3. What adjustments need to be made to SPARQL queries, to ensure that only authorised data is returned? 4. What components are required to support the specification, enforcement and administration of access control for the Linked Data Web?
  • 24. SPARQL 1.1 Query Categories SPARQL Queries • Basic graph patterns and aggregates • Negation and subqueries SPARQL Updates • Insert/delete • Insert and Delete • Graph based update operations
  • 25. Rewriting SPARQL BGPs & Aggregates :MRyan :salary ?o :Employee SELECT ?id ?name ?salary WHERE { GRAPH ?g { ?id foaf:name ?name . ?id :salary ?salary } } SELECT ?id ?name ?salary WHERE { GRAPH ?g { ?id foaf:name ?name . ?id :salary ?salary FILTER NOT EXISTS { GRAPH :Employee { ?id foaf:name ?name . ?id :salary ?salary FILTER(?id = :MRyan) } } } }
  • 26. Rewriting SPARQL Subqueries and Filters :MRyan :worksFor ?o :OrgStructure SELECT DISTINCT ?employee ?manager WHERE { GRAPH ?g { ?x foaf:name ?employee . ?y foaf:name ?manager { SELECT ?x ?y WHERE { GRAPH :OrgStructure { ?x :worksFor ?y } } } } } SELECT DISTINCT ?employee ?manager WHERE { GRAPH ?g { ?x foaf:name ?employee . ?y foaf:name ?manager { SELECT ?x ?y WHERE { GRAPH :OrgStructure { ?x :worksFor ?y FILTER NOT EXISTS { GRAPH :OrgStructure { ?x :worksFor ?y FILTER ( ?x = :MRyan ) } } } } } } }
  • 27. Rewriting SPARQL Update Queries DELETE/INSERT • Apply SELECT query rewriting strategy DELETE DATA and INSERT DATA. • Remove unauthorised quads from the query CLEAR and DROP. • DELETE from target graph ADD and LOAD. • INSERT into target graph COPY. • DELETE from the destination graph • INSERT into destination graph MOVE. • DELETE from the destination graph • INSERT into destination graph • DELETE from the source graph
  • 28. Access Control Correctness Correctness criteria for fine-grained access control in relational databases. 2007. Wang, Q., Yu, T., Li, N., Lobo, J., Bertino, E., Irwin, K., Byun, J.-W. Secure - does not return information which has not been authorised Sound - does not return invalid results Maximum - returns as much information as possible without violating the secure and sound constraints State 1 State 2
  • 30. Evaluating Query Rewriting Correctness Objective Compare the results returned by our query rewriting algorithm to the results returned by a standard SPARQL query over a filtered dataset • Basic graph patterns and aggregates • Negation and subqueries • Insert/delete • Insert and delete • Graph based update operations Dataset • Automatically generate a set of authorisations from all 2^4 possible combinations (of constants and variables) for each quad in the BSBM dataset • Systematically generate queries for each of the 19104 RDF quad patterns As SPARQL queries are based on basic graph pattern matching, if we can prove correctness for all possible authorisations over the different query types, the data itself is irrelevant
  • 31. Evaluating Query Rewriting Correctness Results The proposed query rewriting algorithm is secure, sound and maximum for: • Basic graph patterns and aggregates • Negation and subqueries • Insert/delete • Insert and delete • Graph based update operations Exception In the case of property paths the query rewriting algorithm is not maximum Example FILTER NOT EXISTS { GRAPH ?g { ?employee :worksFor+ ?manager FILTER ( ?employee = :MRyan ) } }
  • 32. Performance Evaluation Triple Updates Graph Updates Queries Negation Time in milliseconds Time in milliseconds Time in milliseconds Time in milliseconds
  • 34. Research Questions 1. When relational data is exposed as RDF, how can we ensure the original access control policies are applied to the RDF data? 2. Beyond triple level access control, what rules are necessary to support existing access control models and to simplify access control specification and maintenance? 3. What adjustments need to be made to SPARQL queries, to ensure that only authorised data is returned? 4. What components are required to support the specification, enforcement and administration of access control for the LDW?
  • 35. Publishing and Consuming Linked Data RDB2RDF RDB2RDF
  • 36. Linked Data Authorisation Architecture RDB2RDF RDB2RDF
  • 37. Enforce access control policies Extract both data and permissions Source the individual PDFs
  • 38. Conclusions 1. When relational data is exposed as RDF, how can we ensure the original access control policies are applied to the RDF data? Use RDB2RDF to extract and associate permissions with triples 2. Beyond triple level access control, what rules are necessary to support existing access control models and to simplify access control specification and maintenance? The graph based authorisation flexible framework • Authorisations • Propagation rules • Conflict resolution policies • Integrity constraints
  • 39. Conclusions 3. What adjustments need to be made to SPARQL queries, to ensure that only authorised data is returned? Query rewriting strategy • FILTER NOT EXISTS expressions • Remove triples from insert and delete data queries • Rewrite update queries as INSERT/DELETE queries 4. What components are required to support the specification, enforcement and administration of access control for the LDW? The Linked Data Authorisation Architecture includes: • Authorisation Interface • Query Engine • Authorisation Framework
  • 40. Linked Data with Access Control Next Steps Privacy • Reasoning over privacy policies Context Awareness • Reasoning over contextual data • Efficient reasoning over streaming data Usability & Understandability • Graph based data clustering and visualisation techniques o examine the interplay between authorisations and rules o determine the impact of new authorisations Explanations & Negotiation • Potential security impact associated with explanations
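
The correctness check described on slides 28 to 31 (compare the rewritten query with a standard query over a filtered dataset), as an added Python example that is not code from the thesis. The quad matcher, the sample quads (including the name "May Ryan") and all function names are constructed for illustration, and the rewrite is modelled as a per-solution FILTER NOT EXISTS check rather than as generated SPARQL text; the secure, sound and maximum tests are simplified set comparisons against the filtered-dataset reference.

```python
# Constructed sample quads (subject, predicate, object, graph); not data from the thesis.
QUADS = [
    (":JBloggs", "foaf:name", '"Joe Bloggs"', ":Employee"),
    (":JBloggs", ":salary", "60000", ":Employee"),
    (":MRyan", "foaf:name", '"May Ryan"', ":Employee"),
    (":MRyan", ":salary", "75000", ":Employee"),
    (":MRyan", "foaf:name", '"May Ryan"', ":Public"),
]
# Negative authorisation from slide 25: deny :MRyan :salary ?o in graph :Employee.
DENY = [(":MRyan", ":salary", "?o", ":Employee")]
SALARY_BGP = [("?id", "foaf:name", "?name"), ("?id", ":salary", "?salary")]
NAME_BGP = [("?id", "foaf:name", "?name")]


def is_var(term):
    return term.startswith("?")


def unify(pattern, quad, binding):
    """Extend binding so that the quad pattern matches the quad, else None."""
    new = dict(binding)
    for p, v in zip(pattern, quad):
        if is_var(p):
            if new.setdefault(p, v) != v:
                return None
        elif p != v:
            return None
    return new


def evaluate(bgp, graph_term, quads):
    """Solutions of GRAPH graph_term { bgp } over quads, as a list of bindings."""
    solutions = [{}]
    for s, p, o in bgp:
        solutions = [b2 for b in solutions for q in quads
                     if (b2 := unify((s, p, o, graph_term), q, b)) is not None]
    return solutions


def denied(quad, deny):
    return any(unify(d, quad, {}) is not None for d in deny)


def over_filtered_dataset(bgp, graph_term, quads, deny):
    """Reference behaviour: remove unauthorised quads, then run the plain query."""
    return evaluate(bgp, graph_term, [q for q in quads if not denied(q, deny)])


def with_not_exists(bgp, graph_term, quads, deny):
    """Rewrite model: drop a solution if any quad it was matched on is denied."""
    keep = []
    for b in evaluate(bgp, graph_term, quads):
        used = [tuple(b.get(t, t) for t in (s, p, o, graph_term)) for s, p, o in bgp]
        if not any(denied(q, deny) for q in used):
            keep.append(b)
    return keep


def block_subject(bgp, graph_term, quads, deny):
    """Over-broad variant: drops every solution that mentions a denied subject."""
    subjects = {d[0] for d in deny if not is_var(d[0])}
    return [b for b in evaluate(bgp, graph_term, quads)
            if not subjects & set(b.values())]


def project(solutions, variables):
    return {tuple(b[v] for v in variables) for b in solutions}


def check(strategy, bgp, graph_term, variables, quads, deny):
    """Compare a strategy with the filtered-dataset reference (simplified criteria)."""
    got = project(strategy(bgp, graph_term, quads, deny), variables)
    reference = project(over_filtered_dataset(bgp, graph_term, quads, deny), variables)
    unrestricted = project(evaluate(bgp, graph_term, quads), variables)
    return {
        "secure": got <= reference,      # nothing beyond the authorised answers
        "sound": got <= unrestricted,    # nothing the plain query would not return
        "maximum": reference <= got,     # no authorised answer withheld
    }


if __name__ == "__main__":
    print(check(with_not_exists, SALARY_BGP, "?g", ["?id", "?name", "?salary"], QUADS, DENY))
    print(check(block_subject, NAME_BGP, "?g", ["?id", "?name"], QUADS, DENY))
```

The second call shows why maximality is tested separately: blocking on the subject alone stays secure and sound but withholds the name of :MRyan, which the authorisation never denied.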

Editor's notes

  1. Seevl music discovery and personalisation BBC integration of large amounts of content online, as text, audio and video. Search engines. Talis Aspire resource management solutions and services for universities, learners and educators. Marbles browser Sindice Search Engine, Sigma browser Swoogle search engine
  2. 7.5 MB – 15 MB – 30 MB – 60 MB 60000 T – 120000 T – 24000 T – 48000 T