A WebID is a single sign-on token for a user’s authentication to access multiple social network sites without preparing numerous user names and passwords. This breaks the walled garden data silo problem that exists in the current centralized on-line social network. In this study, we demonstrate how to restructure the centralized online social network architecture into the decentralized Social Web for wide-scale WebID capturing, recording, anonymizing, sharing, integration, modeling, and ana-lyzing.
4AISL stands for Assured Information Sharing Lifecycle, and Presidio for Collaborative Policies and Assured Information Sharing.
Propagation Control Services for WebID Analytics on the Decentralized Social Web 19 We presented a WebID analytics process to investigate the privacy-preserving WebID disclosure problem by using transparent and accountable propagation con-trol services at the data concon-trollers of an information value chain.
We show how to apply transparent and accountable propagation control services at the data controllers to assure WebID protection for the data owner and to ensure the analytics utility for the data user. In addition, we demonstrate how to provide WebID dataset protection and utility through types of semantics-enabled policy en-forcement to call for WebID propagation control services at the data controllers of an information value chain. In our future work, we will investigate a comprehen-sive solution for the problem inherent in transparent accountable propagation con-trol services. Furthermore, types of semantics-enabled policy for hybrid RHadoop analytics for the WebID datasets will be fully implemented on the decentralized privacy-aware Social Web.
Acknowledgements
This research was partially supported by the NSC Taiwan under Grant NSC 102-2221-E-004-014.
References
1. Adam, R.N., Worthmann, C.J.: Security-control methods for statistical databases: A compar-ative study. ACM Computing Survey21(4), 515–556 (1989)
2. Anderson, A.H.: A comparison of two privacy policy languages: EPAL and XACML. In:
Proceedings of the 3rd ACM Workshop on Secure Web Services (SWS’06), pp. 53–60. ACM (2006)
3. Appelquist, D., et al.: A standard-based, open and privacy-aware social web. Tech. rep., W3C Incubator Group Report (2010)
4. Ardagna, A.C., et al.: A privacy-aware access control system. Journal of Computer Security 16 (2008)
5. Barbier, G., et al.: Provenance Data in Social Media. Morgan & Claypoole Publishers (2013) 6. Beckett, D., et al.: Turtle: Terse RDF triple language. Tech. rep., W3C Candidate
Recommen-dation (2013)
7. Berners-Lee, T.: Socially aware cloud storage (2011)
8. Boley, H., et al.: Rule interchange on the web. In: Reasoning Web 2007, Third International Summer School, LNCS 4636. Springer, Dresden, Germany (2007)
9. Bonatti, A.P.: Datalog for security, privacy and trust. In: Datalog Reloaded, LNCS 6702, pp.
21–36. Springer (2011)
10. Carminati, B., Ferrari, E.: Privacy-aware access control in social networks: Issues and so-lutions. In: J. Nin, J. Herranz (eds.) Privacy and Anonymity in Information Management Systems, pp. 181–195. Springer (2010)
11. Ciriani, V., et al.: Microdata protection. In: T. Yu, S. Jajodia (eds.) Secure Data Management in Decentralized Systems, pp. 291–321. Springer (2007)
12. Cox, H.L., Karr, F.A., Kinney, K.S.: Risk-utility paradigms for statistical disclosure limitation:
How to think, but not how to act. International Statistical Review79(2), 160–183 (2011)
20 Yuh-Jong Hu 13. Dean, J., Ghemawat, S.: Mapreduce: Simplified data processing on large clusters.
Communi-cations of the ACM51(1), 107–113 (2008)
14. Dwork, C.: Differential privacy. In: Proc. of the 33rd International Colloquium on Automata, Languages and Programming (ICALP), LNCS 4052, pp. 1–12 (2006)
15. Dwork, C.: A firm foundation for private data analysis. Communications of the ACM54(1), 86–95 (2011)
16. Editors: Data, data everywhere: a special report on managing information. Tech. rep., The Economist (2010)
17. Eiter, T., et al.: Rules and Ontologies for the Semantic Web. Springer (2008) 18. Foresti, S.: Preserving Privacy in Data Outsourcing. Springer (2011)
19. Gentry, C.: Computing arbitrary functions of encrypted data. Communications of the ACM 53(3), 97–105 (2010)
20. Heath, T., Bizer, C.: Linked Data: Evolving the Web into a Global Data Space. Morgan &
Claypool Publishers (2011)
21. Hu, Y.J., Boley, H.: SemPIF: A semantic meta-policy interchange format for multiple web policies. In: Web Intelligence and Intelligent Agent Technology (WI-IAT), 2010 IEEE/WIC/ACM International Conference on, vol. 1, pp. 302–307 (2010)
22. Hu, Y.J., et al.: Crafting a balance between big data utility and protection in the semantic data cloud. In: International Conference on Web Intelligence, Mining and Semantics (WIMS’13).
ACM Press (2013)
23. Hundepool, A., et al.: Statistical Disclosure Control. Wiley Series in Survey Methodology (2012)
24. Inkster, T., Story, H., Harbulot, B.: WebID-TLS: WebID authentication over TLS, W3C edi-tor’s draft. Tech. rep., W3C (2013)
25. Jung, J.J.: Integrating social networks for context fusion in mobile service platforms. Journal of Universal Computer Science16(15), 2099–2110 (2010)
26. Karjoth, G., Schunter, M., Herreweghen, E.V.: Translating privacy practices into privacy promises - how to promise what you can keep. In: POLICY’03. IEEE (2003)
27. Krohn, M., et al.: A world wide web without walls. In: 6th ACM Workshop on Hot Topics in Networking (Hotnets). ACM (2007)
28. Labrinidis, A., et al.: Challenges and opportunities with big data. Tech. rep., Computing Research Consortium (CSR) (2012)
29. Manyika, J., et al.: Big data the next frontier for innovation, competition, and productivity.
Tech. rep., McKinsey Global Institute (2011)
30. Moreau, L.: The foundations for provenance for the web. Foundations and Trends in Web Science2(2-3), 99–241 (2010)
31. Myers, A.C., Liskov, B.: Protecting privacy using the decentralized label model. ACM Trans-actions on Computer System9(4), 410–442 (2000)
32. Nissenbaum, H.: Privacy Context: Technology, Policy, and the Integrity of Social Life. Stand-ford University Press (2010)
33. Patel-Schneider, F.P., Horrocks, I.: A comparison of two modelling paradigms in the semantic web. Journal of Web Semantics pp. 240–250 (2007)
34. Roy, I., et al.: Airavat: Security and privacy for mapreduce. In: Proceedings of the 7th USENIX Conference on Networked System Design and Implementation (NSDI’10) (2010)
35. Sambra, A., Story, H., Berners-Lee, T.: WebID 1.0: Web identity and discovery, W3C editor’s draft. Tech. rep., W3C (2013)
36. Schwab, K., et al.: Personal data: The emergence of a new asset class. Tech. rep., World Economic Forum (2011)
37. Solove, J.D.: A taxonomy of privacy. University of Pennsylvania Law Review154(3) (2006) 38. Spomy, M., et al.: JSON-LD 1.0. Tech. rep., W3C Proposed Recommendation (2013) 39. Stonebraker, M.: What does ’big data mean. BLOG@CACM (2012)
40. Sweeney, L.: K-annonumity: a model for protecting privacy. International Journal of Uncer-tainty, Fuzziness and Knowedge Based Systems10(5), 557–570 (2002)
41. Tene, O., Polonetsky, J.: Privacy in the age of big data: A time for big decisions. 64 Stanford Law Review Online 63 (2012)
Propagation Control Services for WebID Analytics on the Decentralized Social Web 21 42. Vimercati, S.D.C.d., et al.: Access control policies and languages in open environments.
In: T. Yu, S. Jajodia (eds.) Secure Data Management in Decentralized Systems, pp. 21–58.
Springer (2007)
43. Weaver, J., Tarjan, P.: Facebook linked data via the graph API. Semantic Web - Interoperabil-ity, UsabilInteroperabil-ity, Applicability (2012)
44. Weitzner, J.D., et al.: Creating a policy-aware web: Discretionary, rule-based access for the world wide web. In: E. Ferrari, B. Thuraisingham (eds.) Web and Information Security, pp.
1–31. IGI (2006)
45. Weitzner, J.D., et al.: Transparent accountable data mining: New strategies for privacy protec-tion. Tech. Rep. MIT-CSAIL-TR-2006-007, MIT CSAIL (2006)
46. Wood, D., et al.: Linked Data: Structured Data on the Web. Manning (2014)
47. Yeung A., C., et al.: Decentralization: The future of online social networking. In: W3C Work-shop on the Future of Social Networking. W3C (2009)
48. Zheleva, E., Terizi, E., Getoor, L.: Privacy in Social Networks. Morgan&Claypool (2012)