Preliminary Results on The Identity Problem in Description Logic Ontologies Adrian Nuradiansyah Franz Baader, Daniel Borchmann Technische Universität Dresden July 21, 2017 Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 1 / 1
Identification Problem Ontology combined ← − − − − − → Employee Database Anonymized Survey Data Background ( known individuals ) ( anonymous individuals ) Knowledge Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 2 / 1
Identification Problem Ontology combined ← − − − − − → Employee Database Anonymized Survey Data Background ( known individuals ) ( anonymous individuals ) Knowledge identity of known a ← − − − − − − anonymous x Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 2 / 1
Identification Problem An attacker still can access some axioms in the ontology s.t. he knows: { Female} + expert expert A : logic x privacy { Female } { Female } pattie { Male } john { Male } jim linda Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 3 / 1
Identification Problem An attacker still can access some axioms in the ontology s.t. he knows: { Female} + expert expert A : logic x privacy { Female } { Female } pattie { Male } john { Male } jim linda T : Female ⊑ ¬ Male ∃ expert . { logic } ⊑ VerTeam ∃ expert . { privacy } ⊑ SecTeam VerTeam ≡ { linda , john , pattie } SecTeam ≡ { linda , john , jim } Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 3 / 1
Identification Problem An attacker still can access some axioms in the ontology s.t. he knows: { Female} + expert expert A : logic x privacy { Female } { Female } pattie { Male } john { Male } jim linda T : Female ⊑ ¬ Male ∃ expert . { logic } ⊑ VerTeam ∃ expert . { privacy } ⊑ SecTeam VerTeam ≡ { linda , john , pattie } SecTeam ≡ { linda , john , jim } consequence : x ˙ = linda w.r.t. O Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 3 / 1
The Identity Problem Identity Problem Given a , b ∈ N I and an ontology O . Check whether a I = b I for all models I of O . It is denoted by ( O | = a ˙ = b ) . Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 4 / 1
The Identity Problem Identity Problem Given a , b ∈ N I and an ontology O . Check whether a I = b I for all models I of O . It is denoted by ( O | = a ˙ = b ) . Not all DLs are able to derive equalities between two individuals :( Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 4 / 1
DLs without Equality Power Definition L is a DL without equality power if there are no ontologies O formulated in L and two distinct individuals a , b , ∈ N I s.t. O | = a ˙ = b . Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 5 / 1
DLs without Equality Power Definition L is a DL without equality power if there are no ontologies O formulated in L and two distinct individuals a , b , ∈ N I s.t. O | = a ˙ = b . Theorem Every DL translated to a first-order logic without equality predicate is a DL without equality power Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 5 / 1
DLs without Equality Power Definition L is a DL without equality power if there are no ontologies O formulated in L and two distinct individuals a , b , ∈ N I s.t. O | = a ˙ = b . Theorem Every DL translated to a first-order logic without equality predicate is a DL without equality power They are: ALC and its fragments : EL , FL 0 , FLE , . . . SRI : extending ALC with inverse roles , role axioms , role compositions , and transitive roles . Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 5 / 1
DLs with Equality Power ALCO : lifting up an individual into a concept Example: Case of Employee. Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 6 / 1
DLs with Equality Power ALCO : lifting up an individual into a concept Example: Case of Employee. ALCQ : restricting the number of successors of a domain element Example: O = ( { PhDstudent ⊑ ≤ 1 supervised . ⊤} , { supervised ( adrian , y ) , supervised ( adrian , franz ) } ) Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 6 / 1
DLs with Equality Power ALCO : lifting up an individual into a concept Example: Case of Employee. ALCQ : restricting the number of successors of a domain element Example: O = ( { PhDstudent ⊑ ≤ 1 supervised . ⊤} , { supervised ( adrian , y ) , supervised ( adrian , franz ) } ) CFD nc : featuring functional dependencies Functional Dependencies : if two individuals agree on some attributes , then they are unique. Example : O = ( { A ⊑ A : f → id } , { A(a), A(x), f ( a ) = b , f ( x ) = b } ) Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 6 / 1
How to solve the identity problem? Problem Reduction 1 ( Upper Bound ) Identity reduced → Instance for all DLs with equality power . − − − − − O 1 | = a ˙ = b iff ( O 1 ∪ A ( a )) | = A ( b ) , where A ∈ N C is new Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 7 / 1
How to solve the identity problem? Problem Reduction 1 ( Upper Bound ) Identity reduced → Instance for all DLs with equality power . − − − − − O 1 | = a ˙ = b iff ( O 1 ∪ A ( a )) | = A ( b ) , where A ∈ N C is new Problem Reduction 2 ( Lower Bound ) Instance reduced → Identity in ALCO and ALCQ − − − − − HornSAT reduced → Identity in CFD nc − − − − − Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 7 / 1
How to solve the identity problem? Problem Reduction 1 ( Upper Bound ) Identity reduced → Instance for all DLs with equality power . − − − − − O 1 | = a ˙ = b iff ( O 1 ∪ A ( a )) | = A ( b ) , where A ∈ N C is new Problem Reduction 2 ( Lower Bound ) Instance reduced → Identity in ALCO and ALCQ − − − − − HornSAT reduced → Identity in CFD nc − − − − − Complexity Results ExpTime-complete in ALCO and ALCQ NExpTime-complete in ALCOIQ PTime-complete in CFD nc Complexities of identity and instance problem are not the same in ALC = allowing { a ˙ = b | a , b ∈ N I } ⊆ A → PTime vs ExpTime-hard Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 7 / 1
The View-based Identity Problem A rôle-based access control scenario: A partially visible ontology O I combined ← − − − − − → Employee Databases Anonymized Background ( known individuals ) Survey Data knowledge ( anonymous individuals ) Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 8 / 1
The View-based Identity Problem A rôle-based access control scenario: A partially visible ontology O I combined ← − − − − − → Employee Databases Anonymized Background ( known individuals ) Survey Data knowledge ( anonymous individuals ) At rôle ˆ At rôle ˆ r 1 r k - queries through O ˆ r 1 ⊆ O I switch → . . . switch - queries through O ˆ r k ⊆ O I − − − − → - obtains View V ˆ - obtains View V ˆ r k r 1 At rôle ˆ r k + 1 , is the identity of an anonymous x hidden w.r.t. V ˆ r k ? r 1 , . . . , V ˆ Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 8 / 1
Query Answering and View Let N I = N KI ∪ N AI , where N KI and N AI are the sets of known and anonymous individuals, respectively. Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 9 / 1
Query Answering and View Let N I = N KI ∪ N AI , where N KI and N AI are the sets of known and anonymous individuals, respectively. Let x ∈ N AI . The identity of x w.r.t. an ontology O I is idn ( x , O I ) = { a ∈ N KI | O I | = x ˙ = a } Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 9 / 1
Query Answering and View Let N I = N KI ∪ N AI , where N KI and N AI are the sets of known and anonymous individuals, respectively. Let x ∈ N AI . The identity of x w.r.t. an ontology O I is idn ( x , O I ) = { a ∈ N KI | O I | = x ˙ = a } Given O I , O ˆ r ⊆ O I accessed by a user with a rôle ˆ r , and a ( subsumption or retrieval ) query q , the answer to q w.r.t. ˆ r is: ans ( q , ˆ r ) := { true } , if q = C ⊑ D and O ˆ r | = C ⊑ D , ans ( q , ˆ r ) := ∅ , if q = C ⊑ D and O ˆ r �| = C ⊑ D , ans ( q , ˆ r ) := { a ∈ N I | O ˆ r | = C ( a ) } , if q = C , ans ( q , ˆ r ) := { ( a , b ) ∈ N I × N I | O ˆ r | = r ( a , b ) } , if q = r ∈ N R . Adrian Nuradiansyah Description Logic Workshop 2017 July 21, 2017 9 / 1
Recommend
More recommend
