Copyright © Norman Sadeh

Semantic Web Technologies to Reconcile Privacy and Context Awareness
Norman M. Sadeh
ISRI - School of Computer Science
Carnegie Mellon University
Pittsburgh, PA - USA

Mobility Challenge
- Can no longer assume the user’s undivided attention
- Time critical nature of many tasks
- Limited input/output functionality

Context Awareness
- …All this argues for:
  - Higher levels of automation
  - Context awareness
- …True also in fixed Internet scenarios

Sources of Contextual Information
- A user’s context information is distributed across a number of disparate resources
  - Calendar
  - Location tracking
  - Address book
  - Buddy lists
  - Weather
- Available resources vary from one user to another
  - …and over time
  - e.g. roaming across different networks

Vision
- A growing collection of context-aware agents that users can buy or subscribe to
- Personal resources modeled as Semantic Web services
  - Service profile
- Each user has a Semantic eWallet
  - Automated identification and access of a user’s personal resources subject to privacy preferences

Semantic Web Approach
- Ontologies to explicitly represent and reason about:
  - Personal/Contextual Resources
    - Location tracking, calendar, organizational resources, messaging resources, preferences, etc.
  - Contextual attributes
    - e.g. location, calendar activities, social or organizational context, etc.
  - Preferences, incl. privacy preferences:
    - Access control preferences
    - “Obfuscation” rules
  - Web services
    - Automated service identification and access

Personal Resource Ontology: An Example
Diagram nodes: Personal Resource; Activity Information Resource; Location Information Resource; List of Friends; Sprint PCS Location Tracking; CMU Location Tracking; Microsoft Outlook Calendar
Diagram edge types: IS-A; INSTANCE

MyCampus Project
- Motivation:
  - Campus as “everyday life microcosm”
- Objective:
  - Enhance campus life through context-aware services accessible over the WLAN
- Methodology:
  - Involve stakeholders in the design
    - Students and other members of the community
  - Evaluate and extrapolate to other environments
    - Mobile Commerce, Mobile Enterprise, etc.

Overall Architecture
Diagram labels: Wireless LAN; Calendar; Location Tracking; Internet and Intranet Semantic Web-enabled Services; Task-Specific Agents; e-Wallet; User’s Personal Environment; Social Context; Preferences; Semantic Web-enabled Context Resources; Personal Resource Directory (incl. Privacy Pref.); Personal Resource Ontologies; Contextual Ontologies; Personal Preference Ontologies; Service Ontologies; Semantic Web Service Directory

Semantic eWallet
- Context-independent knowledge
  - Name, address, context-independent preferences
- Context-dependent knowledge
  - “When driving, I don’t want to receive instant messages”
- Service invocation rules
  - Automated service identification and access
  - Map contextual attributes onto different resources (personal and public)
- Privacy rules
  - Access control rules
    - “Only my classmates can see my location”
  - Obfuscation rules
    - “My classmates can only see the building I am in but not the actual room”

Location Tracking as a Web Service

Diagram labels: Asserting elementary needs for authorized information; Pre-check access rights; Post-check access rights; Fetch useful static knowledge; Application of obfuscation rules; Query context assertion; Query; Assertion of authorized knowledge; Result; Call relevant external services
Example: Query from John inquiring about Mary’s location
- the sender of the query is John
- John’s query requires accessing Mary’s location
  1. Is John allowed to see Mary’s location given what we know about the context of the query?
  2. Mary said she only allows colleagues to see her location when she is on campus
  3. John is a colleague of Mary
- Access location tracking functionality or Mary’s calendar
- Is Mary on campus?
- Mary is willing to disclose the building but not the room she is in
- Mary is in Smith Hall

Diagram labels: FIPA ACL messages and OWL Content; JADE platform; User Interaction Agent; Directory Facilitator Agent (FIPA); Agent Management Agent (FIPA); e-Wallet Manager Agent; Ontologist Agent; Task-Specific Agents

Diagram labels: Directory Facilitator Agent (FIPA); Agent Management Agent (FIPA); FIPA ACL messages and OWL Content; User Interaction Agent; HTTP Request; e-Wallet Manager Agent; Ontologist Agent; Task-Specific Agents; JADE platform

Design of an e-Wallet
- Three-layer architecture: security through typing
  - Core knowledge: user static & context-sensitive knowledge
  - Service layer: automatic identification and invocation of external sources of knowledge (e.g. public web services and personal resources)
  - Privacy layer: enforces privacy rules (access control & obfuscation)
- All facts represented in OWL
- Backward chaining migration rules: privacy rules, service rules, static migration rules
Diagram labels: query; answer; privacy; service; Core Knowledge

Design of an e-Wallet
- Three-layer architecture: security through typing
  - Core knowledge: user static & context-sensitive knowledge
  - Service layer: automatic identification and invocation of personal and public semantic web services
  - Privacy layer: enforces privacy rules
    - access control
    - obfuscation rules
Diagram labels: query; answer; privacy; service; Core Knowledge
Processing step labels: Asserting elementary needs for authorized information; Pre-check access rights; Post-check access rights; Fetch useful static knowledge; Application of obfuscation rules; Query context assertion; Query; Assertion of authorized knowledge; Result; Call relevant external services
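
An added Python example, not code from the e-Wallet itself (which these slides describe as OWL rules translated to CLIPS and run in JESS), that walks John's query for Mary's location through the pre-check, service call, post-check and obfuscation steps of the design above. The `PrivacyRule` structure, the `locate` stand-in for the location tracking service, the room value and the second campus building are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Callable, Optional

@dataclass(frozen=True)
class Location:
    building: str
    room: Optional[str] = None

@dataclass
class PrivacyRule:               # hypothetical structure, not the (S)OWL syntax
    owner: str
    attribute: str
    requester_ok: Callable[[str], bool]        # access control on who is asking
    context_ok: Callable[[Location], bool]     # access control on the owner's context
    obfuscate: Callable[[Location], Location]  # what an authorized requester may see

# Constructed static knowledge and tracker state (sample data; only the names
# John, Mary and Smith Hall come from the slides).
COLLEAGUES = {"mary": {"john"}}
CAMPUS = {"Smith Hall", "Wean Hall"}
TRACKER = {"mary": Location("Smith Hall", "Room 100")}
SERVICE_CALLS = []               # records every call made to the external service

def locate(user: str) -> Optional[Location]:
    """Stand-in for the location tracking web service."""
    SERVICE_CALLS.append(user)
    return TRACKER.get(user)

RULES = [PrivacyRule(
    owner="mary", attribute="location",
    requester_ok=lambda sender: sender in COLLEAGUES["mary"],  # colleagues only
    context_ok=lambda loc: loc.building in CAMPUS,             # only while on campus
    obfuscate=lambda loc: Location(loc.building),              # building, not room
)]

def query(sender: str, owner: str, attribute: str) -> Optional[Location]:
    """Answer a query through the privacy layer; no matching rule means no answer."""
    for rule in RULES:
        if (rule.owner, rule.attribute) != (owner, attribute):
            continue
        if not rule.requester_ok(sender):   # pre-check: deny before any service call
            continue
        value = locate(owner)               # service layer fetches the raw value
        if value is None or not rule.context_ok(value):  # post-check on fetched context
            continue
        return rule.obfuscate(value)        # raw value never leaves the privacy layer
    return None
```

Calling `query("john", "mary", "location")` returns the building without the room, while a requester who fails the pre-check is refused before the location service is contacted at all.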

Implementation Details
Diagram labels:
- OWL Meta-model in CLIPS
- Inputs: Ontology in OWL; Annotation in OWL; Rule in (R)OWL; Services in (W)OWL; Privacy in (S)OWL; Query in (Q)OWL
- Stylesheets: Ontology stylesheet; Annotation stylesheet; Rule stylesheet; Service stylesheet; Privacy stylesheet; Query stylesheet
- XSLT Engine
- CLIPS forms: Ontology in CLIPS; Annotation in CLIPS; Rule in CLIPS; Service rule in CLIPS; Privacy rule in CLIPS; Query rules in CLIPS
- JESS
- Result in OWL

Visualizing & Editing Preferences
Figure: Visualizing & editing a privacy rule

Editing Based on Existing Ontologies

Obfuscation Example
- User location finder
Figure labels: City block level; City level; level

Slide Projector Agent

Empirical Evaluation
- Initial prototype working on Carnegie Mellon’s campus
  - Restaurant concierge agent, message filtering agent, etc.
  - Integration with calendar, location tracking, user profile, etc.
- Evaluation
  - Context awareness adds value
  - Requires access to a broad range of resources/attributes
  - Privacy concerns have to be addressed
- Additional validation on context-aware enterprise and DoD applications

Concluding Remarks
- Context awareness helps overcome the limitations of mobile devices and the time criticality of mobile scenarios
- Context awareness makes privacy even more critical
- Our experiments indicate that user preferences are often complex
  - Incl. context-sensitive preferences
- Capturing these preferences is far from trivial
  - Default profiles, learning, dialogs, How far can we go?
- Semantic Web approach
  - Allows for policies that refer to concepts introduced in any number of domain-specific ontologies
- Opportunities for reconciliation with P3P/APPEL

Q&A
Source: 4_9/odlyzko/index.html