Reasoning in Description Logic Ontologies for Privacy Management

A rise in the number of ontologies that are integrated and distributed in numerous application systems may allow users to access the ontologies with different privileges and purposes. In this situation, protecting confidential information from possible unauthorized disclosure becomes a critical requirement. For instance, in the clinical sciences, unauthorized disclosures of medical information threaten not only the system but also, most importantly, the patient data. Motivated by this situation, this thesis initially investigates a privacy problem, called the identity problem, which asks whether the identity of (anonymous) objects stored in Description Logic ontologies can be revealed. Then, we consider this problem in the context of role-based access control to ontologies and extend it to the problem asking if the identity belongs to a set of known individuals of cardinality smaller than the number k. If some confidential information about persons, such as their identity, their relationships or their other properties, can be deduced from an ontology, which implies that some privacy policy is not fulfilled, then one needs to repair this ontology such that the modified one complies with the policies and preserves as much of the information from the original ontology as possible. The repair mechanism we provide is called gentle repair and is performed via axiom weakening instead of axiom deletion, which was commonly used in classical approaches to ontology repair. However, policy compliance itself is not enough if there is a possible attacker who can obtain relevant information from other sources, which together with the modified ontology still violates the privacy policies. A safety property is proposed to alleviate this issue, and we investigate it in the context of privacy-preserving ontology publishing.
Inference procedures to solve those privacy problems and additional investigations on the complexity of the procedures, as well as the worst-case complexity of the problems, are the main contributions of this thesis.

1. Introduction
1.1 Description Logics
1.2 Detecting Privacy Breaches in Information System
1.3 Repairing Information Systems
1.4 Privacy-Preserving Data Publishing
1.5 Outline and Contribution of the Thesis

2. Preliminaries
2.1 Description Logic ALC
2.1.1 Reasoning in ALC Ontologies
2.1.2 Relationship with First-Order Logic
2.1.3 Fragments of ALC
2.2 Description Logic EL
2.3 The Complexity of Reasoning Problems in DLs

3. The Identity Problem and Its Variants in Description Logic Ontologies
3.1 The Identity Problem
3.1.1 Description Logics with Equality Power
3.1.2 The Complexity of the Identity Problem
3.2 The View-Based Identity Problem
3.3 The k-Hiding Problem
3.3.1 Upper Bounds
3.3.2 Lower Bound

4. Repairing Description Logic Ontologies
4.1 Repairing Ontologies
4.2 Gentle Repairs
4.3 Weakening Relations
4.4 Weakening Relations for EL Axioms
4.4.1 Generalizing the Right-Hand Sides of GCIs
4.4.2 Syntactic Generalizations
4.5 Weakening Relations for ALC Axioms
4.5.1 Generalizations and Specializations in ALC w.r.t. Role Depth
4.5.2 Syntactical Generalizations and Specializations in ALC

5. Privacy-Preserving Ontology Publishing for EL Instance Stores
5.1 Formalizing Sensitive Information in EL Instance Stores
5.2 Computing Optimal Compliant Generalizations
5.3 Computing Optimal Safe^{\exists} Generalizations
5.4 Deciding Optimality^{\exists} in EL Instance Stores
5.5 Characterizing Safety^{\forall}
5.6 Optimal P-safe^{\forall} Generalizations
5.7 Characterizing Safety^{\forall\exists} and Optimality^{\forall\exists}

6. Privacy-Preserving Ontology Publishing for EL ABoxes
6.1 Logical Entailments in EL ABoxes with Anonymous Individuals
6.2 Anonymizing EL ABoxes
6.3 Formalizing Sensitive Information in EL ABoxes
6.4 Compliance and Safety for EL ABoxes
6.5 Optimal Anonymizers

7. Conclusion
7.1 Main Results
7.2 Future Work

Bibliography

Identifier: oai:union.ndltd.org:DRESDEN/oai:qucosa:de:qucosa:36583
Date: 18 December 2019
Creators: Nuradiansyah, Adrian
Contributors: Baader, Franz, Bonatti, Piero A., Technische Universität Dresden
Source Sets: Hochschulschriftenserver (HSSS) der SLUB Dresden
Language: English
Detected Language: English
Type: doc-type:doctoralThesis, info:eu-repo/semantics/doctoralThesis, doc-type:Text
Rights: info:eu-repo/semantics/openAccess
Relation: info:eu-repo/grantAgreement/Deutsche Forschungsgemeinschaft/GRK 1907/221322883//RoSI: Role-based Software Infrastructures for continuous-context-sensitive Systems/RoSI