Using Social Semantic Web Data for Privacy Policies
Student: Emily Kigel
Supervision: Philipp Kärger
Policy based access control is an approach to protect
privacy in open systems. Such policies are formal statements describing
who gets access under which conditions. For automated privacy decisions
based on policies, so-called policy engines are used. Policy engines
automatically decide if an action is allowed to be performed or not;
this decision is a conclusion drawn from the policy conditions. There
exists several policy engines, for example Ponder, Rei and Protune.
For automated access control decisions several sources may be queried.
For example, I may grant access to some files only to my friends in
Facebook or only to users reading my tweets on twitter.com.
Some of these data sources provide their information in a propriatory
format, others allow access to such information via a SPARQL endpoint.
Protune is a policy engine that allows to include such external data
sources for access control decisions.
Goal of the thesis
The goal of this Bachelor thesis is to
- provide a state of the
art of privacy preferences in current social web platforms
- extract privacy statements that are currently not
possible to be specified and identify which information sources (that
is, which social web platforms or SPARQL endpoints) are useful to be
incorporated for more advanced privacy statements
- implement an extension for the Protune System in Java
that collects social information from social web platforms as well as
from SPARQL endpoints
Literature and Links
| Policies and
Policy reasoning |
| |
|
| |
|
| Privacy on
Social Platforms |
| |
|
| |
|
| Protune Policy
Framework |
| |
|
| |
|
| SPARQL Endpoints |
| |
|
Planning Overview
| June |
| Tasks: |
- Get familiar with the topics
- Read the links listed above and check for more
- Understand how policies work in general
- Understand how Protune works in particular
(i.e., how are the policies specified, etc.)
- Download the Protune sources and play around
with the visualClient and visualServer demo application and write some
first own policies
- Perform simple SPARQL queries to understand RDF
and SPARQL
- Check some of the most common Social Platforms
|
| Output: |
- Write down all the things you understand in
that phase in a way that you can reuse it for the final thesis
- Provide an overview of Social Web Tools you
consider for deeper investigation
|
| July |
| Tasks: |
- Check and understand the privacy settings of
the Social Web Platforms
- Figure out what is missing there, list required
extensions
- Figure out how to access the Social Web
Platforms in question
- Implement a first prototype that queries a
SPARQL endpoint from Java
- create a structure for your thesis
|
| Output: |
- An overview of the privacy settings in current
Social Platforms
- A list of required extensions to those privacy
settings
- Prototypical implementations
- All thoughts and decisions should be informally
documented so that you can reuse the text for the final thesis
- a structure of the thesis
|
| August |
| Tasks: |
- Finalize the implemenentation of the SPARQL and
Social Platform wrappers
- Implement a simple prove of concepts that uses
protune for privacy decisions
- Start writing the thesis
|
| Output: |
- Implementation and documentation
- A first draft of the thesis
|
| September |
| Tasks: |
- Write down your considerations and results in a
thesis
- Create junit tests to test your developments
- Finalize the documentation of your software
|
| Output: |
- Final software, documented and tested
- Final thesis document
|
|
