Social Networks For Dummies

furiouserectAI and Robotics

Nov 21, 2013 (3 years and 11 months ago)

84 views

1

Social Networks For Dummies

Or some clues about Distributed Knowledge Base with Privacy

Serge Abiteboul,
Alban Galland
and a bunch of different people

Webdam, INRIA Saclay
-
Ile
-
de
-
France

2

Summary



Introduction


Definitions


Goal


Related works



Distributed Knowledge Base with Privacy


Ask
-
owner implementation


Indexed
-
DHT implementation


Friendly
-
Gossip Implementation



Declarative Expression of Privacy



Social Knowledge Mining



Demonstration



Conclusion

3

My definition of Social Network


Social Network
: a (web)
application where users store
and consult data and interact
with data of other users
following explicit relationships


Some important notions


Users : people


Data : graph of XML
documents, AXML


Data
-
management : storage,
replication, query


Relationship

4

My definition of Privacy


Privacy
: the fact that a user
keeps control over her data and
activity


Some important notions


Read and write permissions


Delegation of permissions


(Anonymity of activity)


(Anonymity of aggregated data)

5

Goal


Define and implement the basis for a distributed
social network that guarantees access control


More precisely


Distributed knowledge base with access control


Declarative high level access control specification


Also


Social network application


Social knowledge mining

6

Related works


Social network


Some typically centralized SN systems with limited
access control management


Some SN
-
specific applications


Some works on knowledge mining in SN


Distribution


Distributed Hash Table and indexing (KadoP)


Friend based P2P


Privacy


Access control and logic


Cryptography

7

Distributed Knowledge Base with Privacy


Access control lists at the principal level


A principal corresponds to a set of access rights
and documents


e.g., a user or a group


Rights : read (query), append, write (delete), own
(grant, revoke)


Some languages (logics) to speak about
cryptography and communications


Signature, encryption


Time


Messages

8

Distributed Knowledge Base with Privacy


One can consider different architectures/
implementations


We focus on (1+) 3


(Centralized system)


Ask
-
owner implementation


Indexed
-
DHT implementation


Friendly
-
Gossip implementation


9

Ask
-
owner implementation


Basic semantic


Signed Instructions

Results

Ownership

10

Indexed
-
DHT implementation

Signed Instructions

Encrypted Results

Ownership

1

1

2

Access

Access

Index

11

Indexed
-
DHT implementation


Principals are no more physically hosted by one
machine but data
are

distributed as posts on a P2P
system with a DHT


Each post is signed and encrypted.
Hosts :


Understand some meta
-
data


Do not understand the content they store


Three key kinds of posts : update (write or
append), access and index


12

Indexed
-
DHT implementation


Update posts


q says (doc@q, t
apply

, T, C for q) where :


q : principal id


doc : document id


t
apply

: update timestamp


T : write or append


C for q : content encrypted by a reader public
key


Write/Append right = signature private key


A host can easily check it get a valid post

1

1

13

Indexed
-
DHT implementation


Update posts


Read right = reader private key


A reader can check she gets a valid
version, or otherwise ask another host



In the general case, hosts exchange signatures
on list of posts



If you forget about append, replication can be
replaced by time of validity and refresh

1

1

14

Indexed
-
DHT implementation

Access posts


q says t
apply
,(key for u), (u,R for q)
where :


q : principal id


u : another principal


key : cryptographic key (explicit
delegation)


R : access right (read, write, append,
own)


Revocation : add time to post + full (or
lazy) regeneration of dirty keys

Access

15

Indexed
-
DHT implementation

Index posts


Balance between leak of information
and efficiency of queries


May need more meta
-
data, like an
encryption schema


Could be managed as regular update

Index

16

Indexed
-
DHT implementation


Other versions depending of


Hierarchy of rights


Who can access the list of access controls of a
principal


Some reasons to use a logic language for access
control


Need a clear way to express the exchange of
knowledge


Need to make some proof

17

Friendly
-
Gossip Implementation

Signed Instructions

Encrypted Results

Ownership

18

Declarative Expression of Privacy



Example


People who are tagged on one of my photos can
see this photo


People who are friends of two of my friends can
read my Wall


People who are best friends of mine can write on
my Wall



Problems


Uncontrolled deduction


Fix
-
point semantic

19

Social Knowledge Mining


Previous works



Recommendation: previous works at Yahoo!
Research with Sihem Amer
-
Yahia



Corroboration (with Serge, Amelie and Pierre S.)


What remains in a distributed system with access
control?


Introducing higher level of semantic (belief…)


20

Demonstration


Some functionalities already implemented during
Marilena Oita internship


A user interface and global logic


Some part of Distributed Knowledge Base with
Privacy


Declarative Privacy is missing

21

Conclusion


This is work in progress


We are currently focusing on distributed
knowledge base with access control, wondering if
there is any link with knowledge management


Hidden behind trendy Social Networks, we believe
there are real topics of research, in particular in
distributed systems