Presentation is loading. Please wait.

Presentation is loading. Please wait.

 Copyright 2009 Digital Enterprise Research Institute. All rights reserved. Digital Enterprise Research Institute www.deri.ie Annotation-Based Access.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: " Copyright 2009 Digital Enterprise Research Institute. All rights reserved. Digital Enterprise Research Institute www.deri.ie Annotation-Based Access."— Presentation transcript:

1  Copyright 2009 Digital Enterprise Research Institute. All rights reserved. Digital Enterprise Research Institute www.deri.ie Annotation-Based Access Control Peyman Nasirifard University College Dublin, Dublin, Ireland July 1st 2009

2 Digital Enterprise Research Institute www.deri.ie Outline Access control in social platforms How we share resources in real-life Annotation-Based Access Control (patent pending) Prototype: Uncle-Share  Scenario OR Live Demo Annotation-Based Access Control Add-on (Plug-in) Discussions Conclusion Q and A

3 Digital Enterprise Research Institute www.deri.ie Access Control in Social Platforms One of the key concepts of Web 2.0 platforms is „Sharing“  Sharing needs access control Problems with current approaches within social and cooperative platforms:  Coarse-grained: – Private vs. Public – Share with individuals  Groups To move from messaging to sharing:  Social-awareness-based access control

4 Digital Enterprise Research Institute www.deri.ie Real-Life Access Control We share resources based on social relationships we attribute to people  We may share our credit card details with our parents, but not with our friends. We mentally annotate people, meaning of terms may differ between people  parent, supervisor, friend, close friend, director, athletic, honest, etc. Real-life model can be applied to online model  Annotation-Based Access Control – more natural and flexible

5 Digital Enterprise Research Institute www.deri.ie Annotation-Based Access Control

6 Digital Enterprise Research Institute www.deri.ie Three Entities and Two Concepts A Person is an entity with the RDF type Person. A Person is connected to zero or more other Persons. A Person owns zero or more Resources. A Person defines zero or more Policies. An Annotation is a term or a set of terms that are connected together and aims to describe the Person. Each connection between Persons can be annotated with zero or more Annotations. A Resource is an entity with the RDF type Resource and is owned by (isOwnedBy) one or more Persons. Resources are in the form of URIs, URLs, and/or short messages. A Policy is an entity with the RDF type Policy. A Policy is defined by (isDefinedBy) one Person and belongs to (belongsTo) one Resource. A Policy has one Annotation and one Distance. A Distance is a numerical value which determines the depth that the Policy is valid. The depth is actually the shortest path among two Persons with consideration of Annotations.

7 Digital Enterprise Research Institute www.deri.ie Meta-policies (Rules) Rule: A Person acquires access to a Resource, if and only if (iff) s/he meets all policies that have been defined by Resource owner for that Resource. It means that the Person has been already annotated with the Annotations which are defined in the Policies and s/he is also in the scope of the Policies (i.e. Distance criteria).  Multiple Policies that are defined by a Resource owner for a Resource are ORed, if they have different Distances, otherwise the Policies are ANDed. Rule: Only the Resource owner is eligible to define Policies for that Resource. Rule: A private Resource has zero or more Policies, whereas a public Resource has at least one Policy. Rule: The default Distance for Policies is one.

8 Digital Enterprise Research Institute www.deri.ie Extended Version (Patent Pending)

9 Digital Enterprise Research Institute www.deri.ie Prototype: Uncle-Share Widget Login: User login or registration, including full name, user name, and password. Person: User may add, modify, and annotate contact list. Resources: User may add resources (URI/short message) and assign them policies. Shared: User may see the resources that have been shared with him by others. The distance may be set in order to increase or decrease the scope of the shared resources. Settings: User and server configuration. Help: Provides a tutorial video and some technical and contact information regarding the platform.

10 Digital Enterprise Research Institute www.deri.ie Features Widget  Can be embedded into any Web page or widget platform  Syndication, flexibility, portability, and customization. Service-Oriented-Architecture (SOA)  All functionalities are wrapped as services Ontology-based and RDF-based AJAX (i.e. No additional interations with the server) Suggest box  Suggests annotations to end users  Currently the suggestions come from the RELATIONSHIP ontology We used free and open source packages

11 Digital Enterprise Research Institute www.deri.ie Embedded Widget (iGoogle and BSCW)

12 Digital Enterprise Research Institute www.deri.ie Question Scenario or Live Demo?

13 Digital Enterprise Research Institute www.deri.ie Use Case Scenario

14 Digital Enterprise Research Institute www.deri.ie Who Will Access What? Alice has access to her three resources and www.resource5.com via Bob, because www.resource5.com is accessible to the Bob's contacts that have been annotated as student and have maximum distance one to Bob and Alice fulfils this policy. Bob has access to his two resources and also two of Alice's resources: www.resource1.com and www.resource2.com. Tom has access to www.resource4.com which was shared via Bob to him and also www.resource2.com which was shared via Alice to him. Mary will see the short message from Alice: I_need_to_talk_to_you_please.

15 Digital Enterprise Research Institute www.deri.ie Collaboration Vocabulary CoVoc: A vocabulary for describing collaborations and e- Professionals (mainly researchers) Five main categories  An e-Professional (researcher) collaborates in different projects  An e-Professional (researcher) participates in different events like conferences and workshops and publishes various stuff  An e-Professional (researcher) may be part of the university board  An e-Professional (researcher) can be involved in industry  An e-Professional (researcher) has various online (social) activities For each category, we proposed some terms  writeDeliverableWith, hadCoffeeBreakWith, supervisor, CEO, readNewsOf We built RDF schema for CoVoc  Extensible for future needs

16 Digital Enterprise Research Institute www.deri.ie Mining Tags Helping users to Tag people with their expertise Our current approach uses log files of shared workspaces

17 Digital Enterprise Research Institute www.deri.ie Prototype: Expert Finder

18 Digital Enterprise Research Institute www.deri.ie Who is working with whom? Helping users to find proxies Our current approach uses log files of shared workspaces

19 Digital Enterprise Research Institute www.deri.ie Prototype: Holmes

20 Digital Enterprise Research Institute www.deri.ie HeyStaks I am a fan of HeyStacks There are some user interface and privacy issues  Out of scope of this presentation There exist two (or three) main methods for sharing staks in HeyStaks  Users can select one or more buddies from their friend list to share a stak with them.  Users can enter the email addresses of other users to share a stak with them.  Maybe based on groups as well

21 Digital Enterprise Research Institute www.deri.ie HeyStaks

22 Digital Enterprise Research Institute www.deri.ie HeyStaks Enabling users to have friends (buddies).  Heystaks can also propose some friends: for example, users with the same email extensions can be friends together and so on. Adding the feature to enable users to annotate those friends with desired terms.  Minining tags based on saved resources Enabling users to define access control policies for staks based on annotations. Main access control engine to control the access to resources (staks) based on previous annotations and policies.

23 Digital Enterprise Research Institute www.deri.ie Conclusion and Future Work We presented Annotation-Based Access Control  Distance and Annotation are two important factors  Propagation of the policies  Widget-based prototype can be embedded into any platform  Some additional add-on  OrbiTeam (BSCW platform) is going to license it for evaluation purposes Future Work  Recommendar system for people-tags  Helping users for determining the appropriate annotation and distance  Integrating this model with BSCW

24 Digital Enterprise Research Institute www.deri.ie Thank You! Q and A

Download ppt " Copyright 2009 Digital Enterprise Research Institute. All rights reserved. Digital Enterprise Research Institute www.deri.ie Annotation-Based Access."

Similar presentations

Copyright 2008 Digital Enterprise Research Institute. All rights reserved. Digital Enterprise Research Institute www.deri.ie An Annotation-based Access.

Copyright 2008 Digital Enterprise Research Institute. All rights reserved. Digital Enterprise Research Institute An Annotation-based Access.
Step 1 Start your web browser (Internet Explorer or Firefox). Step 2 Type: in the Address box Step 3 Press Enter on the keyboard.

Step 1 Start your web browser (Internet Explorer or Firefox). Step 2 Type: in the Address box Step 3 Press Enter on the keyboard.
Business Development Suit Presented by Thomas Mathews.

Business Development Suit Presented by Thomas Mathews.
 Copyright 2006 Digital Enterprise Research Institute. All rights reserved. www.deri.ie The Future is Now JeromeDL A Digital Library on Social Semantic.

 Copyright 2006 Digital Enterprise Research Institute. All rights reserved. The Future is Now JeromeDL A Digital Library on Social Semantic.
IIT Kanpur Web Based Land Records Management System Prof. P.K.Kalra Developed by Department of Electrical Engineering Indian Institute.

IIT Kanpur Web Based Land Records Management System Prof. P.K.Kalra Developed by Department of Electrical Engineering Indian Institute.
Kentico CMS 5.5 R2 What’s New. Highlights Intranet Solution Document management package – WebDAV support – Project & task management – Document libraries.

Kentico CMS 5.5 R2 What’s New. Highlights Intranet Solution Document management package – WebDAV support – Project & task management – Document libraries.
GSA eBuy Seller’s Tutorial

GSA eBuy Seller’s Tutorial
Author Instructions How to upload Single Abstract to the paper management system Single Abstract is a document that describes one presentation that someone.

Author Instructions How to upload Single Abstract to the paper management system Single Abstract is a document that describes one presentation that someone.
Web 2.0: Concepts and Applications 5 Connecting People.

Web 2.0: Concepts and Applications 5 Connecting People.
 Copyright 2009 Digital Enterprise Research Institute. All rights reserved. Digital Enterprise Research Institute www.deri.ie Extracting and Utilizing.

 Copyright 2009 Digital Enterprise Research Institute. All rights reserved. Digital Enterprise Research Institute Extracting and Utilizing.
 Copyright 2006 Digital Enterprise Research Institute. All rights reserved. www.deri.ie 1 Tools and Terms for Annotation-Based Access Control Peyman Nasirifard.

 Copyright 2006 Digital Enterprise Research Institute. All rights reserved. 1 Tools and Terms for Annotation-Based Access Control Peyman Nasirifard.
1 of 6 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.

1 of 6 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2007 Microsoft Corporation.
ReQuest (Validating Semantic Searches) Norman Piedade de Noronha 16 th July, 2004.

ReQuest (Validating Semantic Searches) Norman Piedade de Noronha 16 th July, 2004.
Creating Online Class Communities Jennifer Dorman Discovery Education

Creating Online Class Communities Jennifer Dorman Discovery Education
Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.

Sharepoint Portal Server Basics. Introduction Sharepoint server belongs to Microsoft family of servers Integrated suite of server capabilities Hosted.
Connect Connect is an educational platform where you can access your homework, assignments and course material. Connect Plus gives you also access to an.

Connect Connect is an educational platform where you can access your homework, assignments and course material. Connect Plus gives you also access to an.
OMap By: Haitham Khateeb Yamama Dagash Under Suppervision of: Benny Daon.

OMap By: Haitham Khateeb Yamama Dagash Under Suppervision of: Benny Daon.
DYNAMICS CRM AS AN xRM DEVELOPMENT PLATFORM Jim Novak Solution Architect Celedon Partners, LLC

DYNAMICS CRM AS AN xRM DEVELOPMENT PLATFORM Jim Novak Solution Architect Celedon Partners, LLC
CONFIDENTIAL – DO NOT DISTRIBUTE Copyright © 2014 Interneer, Inc. All rights reserved. Partner with Professional Services for Success and Configuration.

CONFIDENTIAL – DO NOT DISTRIBUTE Copyright © 2014 Interneer, Inc. All rights reserved. Partner with Professional Services for Success and Configuration.
 Copyright 2007 Digital Enterprise Research Institute. All rights reserved. www.deri.org Digital Enterprise Research Institute (DERI) Galway www.deri.ie.

 Copyright 2007 Digital Enterprise Research Institute. All rights reserved. Digital Enterprise Research Institute (DERI) Galway

Similar presentations

Ads by Google