towards law aware semantic cloud policies with exceptions
play

Towards Law-Aware Semantic Cloud Policies with Exceptions for Data - PowerPoint PPT Presentation

Nov 17, 2023 •103 likes •1.24k views

Towards Law-Aware Semantic Cloud Policies with Exceptions for Data Integration and Protection Yuh-Jong Hu Win-Nan Wu Di-Rong Cheng { hu, d9905, 98753031 } @cs.nccu.edu.tw Emerging Network Technology(ENT) Lab. Department of Computer Science

  1. Introduction Research Goals and Contributions Logical Cage Model vs. Legal Cage Model A TVD is a logical cage model, which consists of a set of distributed virtual machines (VMs), storage for the VMs, and a communication medium interconnecting the VMs [6]. A TLD is a legal cage model, which determined by a specific law, to regulate virtual legal boundary of data disclosure and usage. TLD concepts are modeled as a taxonomy of laws, where a type of law and an effective judicial domain are two factors to decide whether a data request is allowed. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 7 / 39 c

  2. Introduction Research Goals and Contributions Logical Cage Model vs. Legal Cage Model A TVD is a logical cage model, which consists of a set of distributed virtual machines (VMs), storage for the VMs, and a communication medium interconnecting the VMs [6]. A TLD is a legal cage model, which determined by a specific law, to regulate virtual legal boundary of data disclosure and usage. TLD concepts are modeled as a taxonomy of laws, where a type of law and an effective judicial domain are two factors to decide whether a data request is allowed. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 7 / 39 c

  3. Introduction Research Goals and Contributions Semantic Legal Policies as Logical Theories [5] Semantic legal policies are expressed as logical theories for information queries, and context are sets of ground facts that fed into policies for outputs. Semantic legal policies are mapping from a data usage context to access control decisions, such as permit, deny, and error. A data usage context comprises a user’s role along with his/her personal properties, resources metadata, access time, access location, purpose, and action, etc. Once a user’s data usage context is satisfied with the domain policy of a TLD, the semantic legal policies of this TLD are identified and executed. Semantic legal policy outputs (or query answers) are also encoded as logical formulas for authorization. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 8 / 39 c

  4. Introduction Research Goals and Contributions Semantic Legal Policies as Logical Theories [5] Semantic legal policies are expressed as logical theories for information queries, and context are sets of ground facts that fed into policies for outputs. Semantic legal policies are mapping from a data usage context to access control decisions, such as permit, deny, and error. A data usage context comprises a user’s role along with his/her personal properties, resources metadata, access time, access location, purpose, and action, etc. Once a user’s data usage context is satisfied with the domain policy of a TLD, the semantic legal policies of this TLD are identified and executed. Semantic legal policy outputs (or query answers) are also encoded as logical formulas for authorization. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 8 / 39 c

  5. Introduction Research Goals and Contributions Semantic Legal Policies as Logical Theories [5] Semantic legal policies are expressed as logical theories for information queries, and context are sets of ground facts that fed into policies for outputs. Semantic legal policies are mapping from a data usage context to access control decisions, such as permit, deny, and error. A data usage context comprises a user’s role along with his/her personal properties, resources metadata, access time, access location, purpose, and action, etc. Once a user’s data usage context is satisfied with the domain policy of a TLD, the semantic legal policies of this TLD are identified and executed. Semantic legal policy outputs (or query answers) are also encoded as logical formulas for authorization. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 8 / 39 c

  6. Introduction Research Goals and Contributions Semantic Legal Policies as Logical Theories [5] Semantic legal policies are expressed as logical theories for information queries, and context are sets of ground facts that fed into policies for outputs. Semantic legal policies are mapping from a data usage context to access control decisions, such as permit, deny, and error. A data usage context comprises a user’s role along with his/her personal properties, resources metadata, access time, access location, purpose, and action, etc. Once a user’s data usage context is satisfied with the domain policy of a TLD, the semantic legal policies of this TLD are identified and executed. Semantic legal policy outputs (or query answers) are also encoded as logical formulas for authorization. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 8 / 39 c

  7. Introduction Research Goals and Contributions Semantic Legal Policies as Logical Theories [5] Semantic legal policies are expressed as logical theories for information queries, and context are sets of ground facts that fed into policies for outputs. Semantic legal policies are mapping from a data usage context to access control decisions, such as permit, deny, and error. A data usage context comprises a user’s role along with his/her personal properties, resources metadata, access time, access location, purpose, and action, etc. Once a user’s data usage context is satisfied with the domain policy of a TLD, the semantic legal policies of this TLD are identified and executed. Semantic legal policy outputs (or query answers) are also encoded as logical formulas for authorization. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 8 / 39 c

  8. Introduction Research Goals and Contributions Semantic Legal Policies as Logical Theories (conti.) � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 9 / 39 c

  9. Related Work Related Work Several categories are related to this study: Multi-tenant cloud services: Abbadi [1], Cabuk [6], Eberhart [13], Foresti [16], Haase [20], Hu [25]. Peer data management: Beneventano [3], Calvanese [7], Halevey [21] [22], Hu [27], Madhavan [31]. Semantic policies for data sharing and protection: Clifton [10], Hu [24] [26]. Semantic privacy policies: Bart [2], Datta [11], Weitzner [37]. Semantic legal informatics: Boer [4], Gordon [19]. Datalog for security and privacy: Bonatti [5], Jajodia [28]. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 10 / 39 c

  10. Related Work Related Work Several categories are related to this study: Multi-tenant cloud services: Abbadi [1], Cabuk [6], Eberhart [13], Foresti [16], Haase [20], Hu [25]. Peer data management: Beneventano [3], Calvanese [7], Halevey [21] [22], Hu [27], Madhavan [31]. Semantic policies for data sharing and protection: Clifton [10], Hu [24] [26]. Semantic privacy policies: Bart [2], Datta [11], Weitzner [37]. Semantic legal informatics: Boer [4], Gordon [19]. Datalog for security and privacy: Bonatti [5], Jajodia [28]. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 10 / 39 c

  11. Related Work Related Work Several categories are related to this study: Multi-tenant cloud services: Abbadi [1], Cabuk [6], Eberhart [13], Foresti [16], Haase [20], Hu [25]. Peer data management: Beneventano [3], Calvanese [7], Halevey [21] [22], Hu [27], Madhavan [31]. Semantic policies for data sharing and protection: Clifton [10], Hu [24] [26]. Semantic privacy policies: Bart [2], Datta [11], Weitzner [37]. Semantic legal informatics: Boer [4], Gordon [19]. Datalog for security and privacy: Bonatti [5], Jajodia [28]. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 10 / 39 c

  12. Related Work Related Work Several categories are related to this study: Multi-tenant cloud services: Abbadi [1], Cabuk [6], Eberhart [13], Foresti [16], Haase [20], Hu [25]. Peer data management: Beneventano [3], Calvanese [7], Halevey [21] [22], Hu [27], Madhavan [31]. Semantic policies for data sharing and protection: Clifton [10], Hu [24] [26]. Semantic privacy policies: Bart [2], Datta [11], Weitzner [37]. Semantic legal informatics: Boer [4], Gordon [19]. Datalog for security and privacy: Bonatti [5], Jajodia [28]. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 10 / 39 c

  13. Related Work Related Work Several categories are related to this study: Multi-tenant cloud services: Abbadi [1], Cabuk [6], Eberhart [13], Foresti [16], Haase [20], Hu [25]. Peer data management: Beneventano [3], Calvanese [7], Halevey [21] [22], Hu [27], Madhavan [31]. Semantic policies for data sharing and protection: Clifton [10], Hu [24] [26]. Semantic privacy policies: Bart [2], Datta [11], Weitzner [37]. Semantic legal informatics: Boer [4], Gordon [19]. Datalog for security and privacy: Bonatti [5], Jajodia [28]. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 10 / 39 c

  14. Related Work Related Work Several categories are related to this study: Multi-tenant cloud services: Abbadi [1], Cabuk [6], Eberhart [13], Foresti [16], Haase [20], Hu [25]. Peer data management: Beneventano [3], Calvanese [7], Halevey [21] [22], Hu [27], Madhavan [31]. Semantic policies for data sharing and protection: Clifton [10], Hu [24] [26]. Semantic privacy policies: Bart [2], Datta [11], Weitzner [37]. Semantic legal informatics: Boer [4], Gordon [19]. Datalog for security and privacy: Bonatti [5], Jajodia [28]. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 10 / 39 c

  15. Background A Super-Peer Domain (SPD) Model A super-peer specifies its legal semantic policies based on a type of law from a jurisdiction within a super-peer domain: A Peer Data Management System (PDMS) is the best way to achieve wide-scale data integration over the Internet. However, a pure peer data integration architecture is hard to enact in the cloud environment because we are unable to capture the unstructured peer relationships from a large amount of peers. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 11 / 39 c

  16. Background A Super-Peer Domain (SPD) Model A super-peer specifies its legal semantic policies based on a type of law from a jurisdiction within a super-peer domain: A Peer Data Management System (PDMS) is the best way to achieve wide-scale data integration over the Internet. However, a pure peer data integration architecture is hard to enact in the cloud environment because we are unable to capture the unstructured peer relationships from a large amount of peers. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 11 / 39 c

  17. Background A Super-Peer Domain (SPD) Model A super-peer specifies its legal semantic policies based on a type of law from a jurisdiction within a super-peer domain: A Peer Data Management System (PDMS) is the best way to achieve wide-scale data integration over the Internet. However, a pure peer data integration architecture is hard to enact in the cloud environment because we are unable to capture the unstructured peer relationships from a large amount of peers. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 11 / 39 c

  18. Background Semantic Mappings from Local Schemas to Global Schema Possible semantic mappings from local schemas to global schema: Global-As-View(GAV): expressing each concept in the global schema as queries over the data sources. Local-As-View(LAV): expressing each concept in the data sources as a query (or view) over the global schema. Global-Local-As-View(GLAV): allowing flexible schema definitions independent of the particular details of the data sources. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 12 / 39 c

  19. Background Semantic Mappings from Local Schemas to Global Schema Possible semantic mappings from local schemas to global schema: Global-As-View(GAV): expressing each concept in the global schema as queries over the data sources. Local-As-View(LAV): expressing each concept in the data sources as a query (or view) over the global schema. Global-Local-As-View(GLAV): allowing flexible schema definitions independent of the particular details of the data sources. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 12 / 39 c

  20. Background Semantic Mappings from Local Schemas to Global Schema Possible semantic mappings from local schemas to global schema: Global-As-View(GAV): expressing each concept in the global schema as queries over the data sources. Local-As-View(LAV): expressing each concept in the data sources as a query (or view) over the global schema. Global-Local-As-View(GLAV): allowing flexible schema definitions independent of the particular details of the data sources. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 12 / 39 c

  21. Background Semantic Mappings from Local Schemas to Global Schema Possible semantic mappings from local schemas to global schema: Global-As-View(GAV): expressing each concept in the global schema as queries over the data sources. Local-As-View(LAV): expressing each concept in the data sources as a query (or view) over the global schema. Global-Local-As-View(GLAV): allowing flexible schema definitions independent of the particular details of the data sources. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 12 / 39 c

  22. Background Principles of Data Protection Laws Three principles of data protection laws for cloud computing: Registration principle: location of service provider registration, which enables data collection services. Nationality principle: nationality of the data owner whose data are being used. Territoriality principle: data center location where actual data processing happens. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 13 / 39 c

  23. Background Principles of Data Protection Laws Three principles of data protection laws for cloud computing: Registration principle: location of service provider registration, which enables data collection services. Nationality principle: nationality of the data owner whose data are being used. Territoriality principle: data center location where actual data processing happens. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 13 / 39 c

  24. Background Principles of Data Protection Laws Three principles of data protection laws for cloud computing: Registration principle: location of service provider registration, which enables data collection services. Nationality principle: nationality of the data owner whose data are being used. Territoriality principle: data center location where actual data processing happens. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 13 / 39 c

  25. Background Principles of Data Protection Laws Three principles of data protection laws for cloud computing: Registration principle: location of service provider registration, which enables data collection services. Nationality principle: nationality of the data owner whose data are being used. Territoriality principle: data center location where actual data processing happens. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 13 / 39 c

  26. Law-Aware Semantic Cloud Objectives of Law-Aware Semantic Cloud Applying semantic technologies in the trusted virtual cloud infrastructure to: 1 offer LaaS for Cloud Service Providers (CSPs) while integrating semantic data modeled as ontologies from multiple data sources. 2 enable query services for cloud end-users through a combination of ontologies and stratified Datalog rules with negation. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 14 / 39 c

  27. Law-Aware Semantic Cloud Objectives of Law-Aware Semantic Cloud Applying semantic technologies in the trusted virtual cloud infrastructure to: 1 offer LaaS for Cloud Service Providers (CSPs) while integrating semantic data modeled as ontologies from multiple data sources. 2 enable query services for cloud end-users through a combination of ontologies and stratified Datalog rules with negation. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 14 / 39 c

  28. Law-Aware Semantic Cloud Objectives of Law-Aware Semantic Cloud Applying semantic technologies in the trusted virtual cloud infrastructure to: 1 offer LaaS for Cloud Service Providers (CSPs) while integrating semantic data modeled as ontologies from multiple data sources. 2 enable query services for cloud end-users through a combination of ontologies and stratified Datalog rules with negation. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 14 / 39 c

  29. Semantic Super-Peer Data Cloud A Super-Peer Data Cloud System A super-peer data cloud system is a set of super-peer domains Π = { π 1 , ..., π n } , where Each super-peer domain π i corresponds to a TLD. Grouping a set of peers into a super-peer domain and organize them into a two-level architecture: peers and super-peer. The super-peer is a guardian, which integrates all of its local peers’ ontologies into a global ontology through ontology mapping, alignment, and merging. Semantic global mappings are also possible from the current Super − peer α to interlink with another Super − peer β . Semantic legal privacy policies enforcement is posed to a super-peer that provides data integration and protection services. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 15 / 39 c

  30. Semantic Super-Peer Data Cloud A Super-Peer Data Cloud System A super-peer data cloud system is a set of super-peer domains Π = { π 1 , ..., π n } , where Each super-peer domain π i corresponds to a TLD. Grouping a set of peers into a super-peer domain and organize them into a two-level architecture: peers and super-peer. The super-peer is a guardian, which integrates all of its local peers’ ontologies into a global ontology through ontology mapping, alignment, and merging. Semantic global mappings are also possible from the current Super − peer α to interlink with another Super − peer β . Semantic legal privacy policies enforcement is posed to a super-peer that provides data integration and protection services. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 15 / 39 c

  31. Semantic Super-Peer Data Cloud A Super-Peer Data Cloud System A super-peer data cloud system is a set of super-peer domains Π = { π 1 , ..., π n } , where Each super-peer domain π i corresponds to a TLD. Grouping a set of peers into a super-peer domain and organize them into a two-level architecture: peers and super-peer. The super-peer is a guardian, which integrates all of its local peers’ ontologies into a global ontology through ontology mapping, alignment, and merging. Semantic global mappings are also possible from the current Super − peer α to interlink with another Super − peer β . Semantic legal privacy policies enforcement is posed to a super-peer that provides data integration and protection services. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 15 / 39 c

  32. Semantic Super-Peer Data Cloud A Super-Peer Data Cloud System A super-peer data cloud system is a set of super-peer domains Π = { π 1 , ..., π n } , where Each super-peer domain π i corresponds to a TLD. Grouping a set of peers into a super-peer domain and organize them into a two-level architecture: peers and super-peer. The super-peer is a guardian, which integrates all of its local peers’ ontologies into a global ontology through ontology mapping, alignment, and merging. Semantic global mappings are also possible from the current Super − peer α to interlink with another Super − peer β . Semantic legal privacy policies enforcement is posed to a super-peer that provides data integration and protection services. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 15 / 39 c

  33. Semantic Super-Peer Data Cloud A Super-Peer Data Cloud System A super-peer data cloud system is a set of super-peer domains Π = { π 1 , ..., π n } , where Each super-peer domain π i corresponds to a TLD. Grouping a set of peers into a super-peer domain and organize them into a two-level architecture: peers and super-peer. The super-peer is a guardian, which integrates all of its local peers’ ontologies into a global ontology through ontology mapping, alignment, and merging. Semantic global mappings are also possible from the current Super − peer α to interlink with another Super − peer β . Semantic legal privacy policies enforcement is posed to a super-peer that provides data integration and protection services. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 15 / 39 c

  34. Semantic Super-Peer Data Cloud A Super-Peer Data Cloud System A super-peer data cloud system is a set of super-peer domains Π = { π 1 , ..., π n } , where Each super-peer domain π i corresponds to a TLD. Grouping a set of peers into a super-peer domain and organize them into a two-level architecture: peers and super-peer. The super-peer is a guardian, which integrates all of its local peers’ ontologies into a global ontology through ontology mapping, alignment, and merging. Semantic global mappings are also possible from the current Super − peer α to interlink with another Super − peer β . Semantic legal privacy policies enforcement is posed to a super-peer that provides data integration and protection services. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 15 / 39 c

  35. Semantic Super-Peer Data Cloud Semantics of a TLD Semantics of a TLD A super-peer domain π α ∈ Π, corresponding to a TLD α , can be defined as a tuple ( P α , SPD α , GS α , LS peer i , M α , DS α ): A super-peer sp α is the only node in a super-peer domain π α ∈ SPD α , which allows an agent α to enforce semantic legal policies. Through local LAV mapping assertions, a global schema GS α provides an integrated view for a set of peers from P α = { peer 1 , ..., peer n } . A set of peers from P α are mediators. A peer p i ∈ π α maps its local ontology schema, LS peer i , to a set of relational data sources, ds i , from DS α = { ds 1 , ..., ds m } . A set of local mapping assertions, M α , created from a mapping language, ML , are used to semantically link between a super-peer sp α and a set of peers. A set of local data sources, ds i , from DS α , are relational structure data that store materialized data instances. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 16 / 39 c

  36. Semantic Super-Peer Data Cloud Semantics of a TLD Semantics of a TLD A super-peer domain π α ∈ Π, corresponding to a TLD α , can be defined as a tuple ( P α , SPD α , GS α , LS peer i , M α , DS α ): A super-peer sp α is the only node in a super-peer domain π α ∈ SPD α , which allows an agent α to enforce semantic legal policies. Through local LAV mapping assertions, a global schema GS α provides an integrated view for a set of peers from P α = { peer 1 , ..., peer n } . A set of peers from P α are mediators. A peer p i ∈ π α maps its local ontology schema, LS peer i , to a set of relational data sources, ds i , from DS α = { ds 1 , ..., ds m } . A set of local mapping assertions, M α , created from a mapping language, ML , are used to semantically link between a super-peer sp α and a set of peers. A set of local data sources, ds i , from DS α , are relational structure data that store materialized data instances. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 16 / 39 c

  37. Semantic Super-Peer Data Cloud Semantics of a TLD Semantics of a TLD A super-peer domain π α ∈ Π, corresponding to a TLD α , can be defined as a tuple ( P α , SPD α , GS α , LS peer i , M α , DS α ): A super-peer sp α is the only node in a super-peer domain π α ∈ SPD α , which allows an agent α to enforce semantic legal policies. Through local LAV mapping assertions, a global schema GS α provides an integrated view for a set of peers from P α = { peer 1 , ..., peer n } . A set of peers from P α are mediators. A peer p i ∈ π α maps its local ontology schema, LS peer i , to a set of relational data sources, ds i , from DS α = { ds 1 , ..., ds m } . A set of local mapping assertions, M α , created from a mapping language, ML , are used to semantically link between a super-peer sp α and a set of peers. A set of local data sources, ds i , from DS α , are relational structure data that store materialized data instances. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 16 / 39 c

  38. Semantic Super-Peer Data Cloud Semantics of a TLD Semantics of a TLD A super-peer domain π α ∈ Π, corresponding to a TLD α , can be defined as a tuple ( P α , SPD α , GS α , LS peer i , M α , DS α ): A super-peer sp α is the only node in a super-peer domain π α ∈ SPD α , which allows an agent α to enforce semantic legal policies. Through local LAV mapping assertions, a global schema GS α provides an integrated view for a set of peers from P α = { peer 1 , ..., peer n } . A set of peers from P α are mediators. A peer p i ∈ π α maps its local ontology schema, LS peer i , to a set of relational data sources, ds i , from DS α = { ds 1 , ..., ds m } . A set of local mapping assertions, M α , created from a mapping language, ML , are used to semantically link between a super-peer sp α and a set of peers. A set of local data sources, ds i , from DS α , are relational structure data that store materialized data instances. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 16 / 39 c

  39. Semantic Super-Peer Data Cloud Semantics of a TLD Semantics of a TLD A super-peer domain π α ∈ Π, corresponding to a TLD α , can be defined as a tuple ( P α , SPD α , GS α , LS peer i , M α , DS α ): A super-peer sp α is the only node in a super-peer domain π α ∈ SPD α , which allows an agent α to enforce semantic legal policies. Through local LAV mapping assertions, a global schema GS α provides an integrated view for a set of peers from P α = { peer 1 , ..., peer n } . A set of peers from P α are mediators. A peer p i ∈ π α maps its local ontology schema, LS peer i , to a set of relational data sources, ds i , from DS α = { ds 1 , ..., ds m } . A set of local mapping assertions, M α , created from a mapping language, ML , are used to semantically link between a super-peer sp α and a set of peers. A set of local data sources, ds i , from DS α , are relational structure data that store materialized data instances. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 16 / 39 c

  40. Semantic Super-Peer Data Cloud Semantics of a TLD Semantics of a TLD A super-peer domain π α ∈ Π, corresponding to a TLD α , can be defined as a tuple ( P α , SPD α , GS α , LS peer i , M α , DS α ): A super-peer sp α is the only node in a super-peer domain π α ∈ SPD α , which allows an agent α to enforce semantic legal policies. Through local LAV mapping assertions, a global schema GS α provides an integrated view for a set of peers from P α = { peer 1 , ..., peer n } . A set of peers from P α are mediators. A peer p i ∈ π α maps its local ontology schema, LS peer i , to a set of relational data sources, ds i , from DS α = { ds 1 , ..., ds m } . A set of local mapping assertions, M α , created from a mapping language, ML , are used to semantically link between a super-peer sp α and a set of peers. A set of local data sources, ds i , from DS α , are relational structure data that store materialized data instances. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 16 / 39 c

  41. Semantic Super-Peer Data Cloud Semantics of Multiple TLDs Semantics of Multiple TLDs A super-peer domain π α for TLD α is related to another super-peer domain π β for TLD β through: A set of super-peer’s GLAV semantic mapping assertions CQ π β ( sp β ) � CQ π α ( sp α ) , where CQ π β ( sp β ) and CQ π α ( sp α ) are conjunctive queries over the super-peer sp β and super-peer sp α . A Datalog rule is a mapping assertion of GLAV: H ← − B 1 ∧ B 2 ∧ , · · · , ∧ B n , where H , query results (or views) are from the source of sp α ’s global ontology schema, and rule antecedent B i , is a pattern matching specification from target sp β ’s global ontology schema. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 17 / 39 c

  42. Semantic Super-Peer Data Cloud Semantics of Multiple TLDs Semantics of Multiple TLDs A super-peer domain π α for TLD α is related to another super-peer domain π β for TLD β through: A set of super-peer’s GLAV semantic mapping assertions CQ π β ( sp β ) � CQ π α ( sp α ) , where CQ π β ( sp β ) and CQ π α ( sp α ) are conjunctive queries over the super-peer sp β and super-peer sp α . A Datalog rule is a mapping assertion of GLAV: H ← − B 1 ∧ B 2 ∧ , · · · , ∧ B n , where H , query results (or views) are from the source of sp α ’s global ontology schema, and rule antecedent B i , is a pattern matching specification from target sp β ’s global ontology schema. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 17 / 39 c

  43. Semantic Super-Peer Data Cloud Semantics of Multiple TLDs Semantics of Multiple TLDs A super-peer domain π α for TLD α is related to another super-peer domain π β for TLD β through: A set of super-peer’s GLAV semantic mapping assertions CQ π β ( sp β ) � CQ π α ( sp α ) , where CQ π β ( sp β ) and CQ π α ( sp α ) are conjunctive queries over the super-peer sp β and super-peer sp α . A Datalog rule is a mapping assertion of GLAV: H ← − B 1 ∧ B 2 ∧ , · · · , ∧ B n , where H , query results (or views) are from the source of sp α ’s global ontology schema, and rule antecedent B i , is a pattern matching specification from target sp β ’s global ontology schema. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 17 / 39 c

  44. Semantic Legal Policies Semantic Legal Policy Representation Semantic Legal Policy Representation 1 A semantic legal policy is created from a policy language, and a semantic legal policy language is shown as a combination of ontology language and rule language. 2 A semantic legal policy is composed of ontologies and rules, where ontologies are created from an ontology language and rules are created from a rule language. 3 Currently, OWL-DL is used for policy ontology and stratified Datalog with negation, e.g., Datalog ¬ , rules are used for defeasible rules reasoning. 4 The research challenging is how to integrate two families of logics, description logic (DL) and logic program (LP), for a semantic legal policy representation and enforcement under non-monotonic semantics. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 18 / 39 c

  45. Semantic Legal Policies Semantic Legal Policy Representation Semantic Legal Policy Representation 1 A semantic legal policy is created from a policy language, and a semantic legal policy language is shown as a combination of ontology language and rule language. 2 A semantic legal policy is composed of ontologies and rules, where ontologies are created from an ontology language and rules are created from a rule language. 3 Currently, OWL-DL is used for policy ontology and stratified Datalog with negation, e.g., Datalog ¬ , rules are used for defeasible rules reasoning. 4 The research challenging is how to integrate two families of logics, description logic (DL) and logic program (LP), for a semantic legal policy representation and enforcement under non-monotonic semantics. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 18 / 39 c

  46. Semantic Legal Policies Semantic Legal Policy Representation Semantic Legal Policy Representation 1 A semantic legal policy is created from a policy language, and a semantic legal policy language is shown as a combination of ontology language and rule language. 2 A semantic legal policy is composed of ontologies and rules, where ontologies are created from an ontology language and rules are created from a rule language. 3 Currently, OWL-DL is used for policy ontology and stratified Datalog with negation, e.g., Datalog ¬ , rules are used for defeasible rules reasoning. 4 The research challenging is how to integrate two families of logics, description logic (DL) and logic program (LP), for a semantic legal policy representation and enforcement under non-monotonic semantics. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 18 / 39 c

  47. Semantic Legal Policies Semantic Legal Policy Representation Semantic Legal Policy Representation 1 A semantic legal policy is created from a policy language, and a semantic legal policy language is shown as a combination of ontology language and rule language. 2 A semantic legal policy is composed of ontologies and rules, where ontologies are created from an ontology language and rules are created from a rule language. 3 Currently, OWL-DL is used for policy ontology and stratified Datalog with negation, e.g., Datalog ¬ , rules are used for defeasible rules reasoning. 4 The research challenging is how to integrate two families of logics, description logic (DL) and logic program (LP), for a semantic legal policy representation and enforcement under non-monotonic semantics. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 18 / 39 c

  48. Semantic Legal Policies Semantic Legal Policy Representation Policy Ontology for a Super-Peer Domain Semantics of a super-peer data cloud includes two modular concepts: 1 super-peer domain 2 domain policy and data policy � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 19 / 39 c

  49. Semantic Legal Policies Semantic Legal Policy Representation Policy Ontology for a Super-Peer Domain Semantics of a super-peer data cloud includes two modular concepts: 1 super-peer domain 2 domain policy and data policy � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 19 / 39 c

  50. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policy Enforcement Balancing policy expressive power and computational complexity from integration of ontologies and rules. OWL-DL with positive unary and binary datalog rule from SWRL is not capable for a policy’s exceptions handling. How about using different species of DL-Lite, e.g. DL − Lite A , DL − Lite F , DL − Lite R integrated with extended Datalog, Datalog + − , for a semantic legal policy enforcement? Consider seriously about policy enforcement criteria in terms of computational complexity, such as undecidable vs. decidable, intractable vs. tractable, etc. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 20 / 39 c

  51. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policy Enforcement Balancing policy expressive power and computational complexity from integration of ontologies and rules. OWL-DL with positive unary and binary datalog rule from SWRL is not capable for a policy’s exceptions handling. How about using different species of DL-Lite, e.g. DL − Lite A , DL − Lite F , DL − Lite R integrated with extended Datalog, Datalog + − , for a semantic legal policy enforcement? Consider seriously about policy enforcement criteria in terms of computational complexity, such as undecidable vs. decidable, intractable vs. tractable, etc. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 20 / 39 c

  52. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policy Enforcement Balancing policy expressive power and computational complexity from integration of ontologies and rules. OWL-DL with positive unary and binary datalog rule from SWRL is not capable for a policy’s exceptions handling. How about using different species of DL-Lite, e.g. DL − Lite A , DL − Lite F , DL − Lite R integrated with extended Datalog, Datalog + − , for a semantic legal policy enforcement? Consider seriously about policy enforcement criteria in terms of computational complexity, such as undecidable vs. decidable, intractable vs. tractable, etc. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 20 / 39 c

  53. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policy Enforcement Balancing policy expressive power and computational complexity from integration of ontologies and rules. OWL-DL with positive unary and binary datalog rule from SWRL is not capable for a policy’s exceptions handling. How about using different species of DL-Lite, e.g. DL − Lite A , DL − Lite F , DL − Lite R integrated with extended Datalog, Datalog + − , for a semantic legal policy enforcement? Consider seriously about policy enforcement criteria in terms of computational complexity, such as undecidable vs. decidable, intractable vs. tractable, etc. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 20 / 39 c

  54. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policies A Domain Policy’s Ontology A partial ontology for a domain policy hasTLD . DomainPolicy ( dmp ), hasTLD − . TLD ( tld ). hasCondition . DomainPolicy ( dmp ), hasCondition − . Condition ( dmc ). hasPartOf . Condition ( dmc ), hasPartOf − . Purpose ( checkIn ), hasPartOf − . DataUser ( airlineStaff ), hasPartOf − . Action ( read ). hasPartOf − . Location ( TW ), hasPartOf − . Consent ( ⊤ ). = 1 hasSuperPeer − . Super − Peer ( sp ), ∃ hasPeers . Peer ( p ), ∀ registerAt . Peer ( p ), ∃ registerAt − . Super − Peer ( sp ). � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 21 / 39 c

  55. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policies (conti.) A Domain Policy’s Rules (conti.) Link between TLD and SPD DomainPolicy (? dmp ) ∧ hasTLD (? dmp , ? tld ) ∧ correspondTo (? tld , ? spd ) ∧ SPD (? spd ) − → domainPolicyForSPD (? dmp , ? spd ) ← − (1) Request for an SPD Request (? r ) ∧ hasCondition (? r , ? c ) ∧ Condition (? c ) ∧ DomainPolicy (? dmp ) ∧ hasCondition (? dmp , ? dmc ) ∧ Condition (? dmc ) ∧ isSubsumed (? c , ? dmc ) ∧ domainPolicyForSPD (? dmp , ? spd ) − → getInTo (? r , ? spd ) ← − (2) � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 22 / 39 c

  56. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policies (conti.) A Domain Policy’s Rules (conti.) Link between TLD and SPD DomainPolicy (? dmp ) ∧ hasTLD (? dmp , ? tld ) ∧ correspondTo (? tld , ? spd ) ∧ SPD (? spd ) − → domainPolicyForSPD (? dmp , ? spd ) ← − (1) Request for an SPD Request (? r ) ∧ hasCondition (? r , ? c ) ∧ Condition (? c ) ∧ DomainPolicy (? dmp ) ∧ hasCondition (? dmp , ? dmc ) ∧ Condition (? dmc ) ∧ isSubsumed (? c , ? dmc ) ∧ domainPolicyForSPD (? dmp , ? spd ) − → getInTo (? r , ? spd ) ← − (2) � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 22 / 39 c

  57. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policies A Data Policy’s Ontology (conti.) A partial ontology for a data policy isBelongedTo . DataPolicy ( dap ), isBelongedTo − . DomainPolicy ( dmp ). hasPII . Data ( da ), hasPII − . PII , hasPFlightInfo . PII ( pii ), hasPFlightInfo − . PersonalFlightInfo ( fInfo ). hasPartOf . PersonalFlightInfo ( finfo ), hasPartOf − . Name ( name ), hasPartOf − . PassportNo . ( pano ), hasPartOf − . Nationality ( citizenship ), hasPartOf − . FlightNo . ( fno ), hasPartOf − . Date ( date ). hasPartOf − . Address ( addr ). hasPartOf − . PhoneNo . ( pono ). � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 23 / 39 c

  58. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policies (conti.) A Data Policy’s Rules (conti.) Super-peer has its own peers SPD (? spd ) ∧ hasSuperPeer (? spd , ? sp ) ∧ Super − Peer (? sp ) ∧ hasPeers (? spd , ? p ) ∧ Peer (? p ) ∧ registerAt (? p , ? sp ) − → hasOwnPeers (? sp , ? p ) ← − (3) Super-peer is allowed to disclose PII Super − Peer (? sp ) ∧ hasOwnPeers (? sp , ? p ) ∧ Peer (? p ) ∧ canFind (? p , ? da ) ∧ Data (? da ) ∧ hasPII (? da , ? pii ) ∧ PII (? pii ) → hasDisclosedFor (? sp , ? pii ) ← − (4) − � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 24 / 39 c

  59. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policies (conti.) A Data Policy’s Rules (conti.) Super-peer has its own peers SPD (? spd ) ∧ hasSuperPeer (? spd , ? sp ) ∧ Super − Peer (? sp ) ∧ hasPeers (? spd , ? p ) ∧ Peer (? p ) ∧ registerAt (? p , ? sp ) − → hasOwnPeers (? sp , ? p ) ← − (3) Super-peer is allowed to disclose PII Super − Peer (? sp ) ∧ hasOwnPeers (? sp , ? p ) ∧ Peer (? p ) ∧ canFind (? p , ? da ) ∧ Data (? da ) ∧ hasPII (? da , ? pii ) ∧ PII (? pii ) → hasDisclosedFor (? sp , ? pii ) ← − (4) − � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 24 / 39 c

  60. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policies (conti.) A Data Policy’s Rules (conti.) A Data policy for an SPD DataPolicy (? dap ) ∧ isBelongedTo (? dap , ? dmp ) ∧ DomainPolicy (? dmp ) ∧ domainPolicyForSPD (? dmp , ? spd ) − → dataPolicyForSPD (? dap , ? spd ) ← − (5) Request can use PII Request (? r ) ∧ getInTo (? r , ? spd ) ∧ satisfy (? r , ? dap ) ∧ DataPolicy (? dpa ) ∧ dataPolicyForSPD (? dap , ? spd ) ∧ SPD (? spd ) ∧ hasSuperPeer (? spd , ? sp ) ∧ hasDisclosedFor (? sp , ? pii ) − → canUse (? r , ? pii ) ← − (6) � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 25 / 39 c

  61. Semantic Legal Policies Semantic Legal Policy Enforcement Semantic Legal Policies (conti.) A Data Policy’s Rules (conti.) A Data policy for an SPD DataPolicy (? dap ) ∧ isBelongedTo (? dap , ? dmp ) ∧ DomainPolicy (? dmp ) ∧ domainPolicyForSPD (? dmp , ? spd ) − → dataPolicyForSPD (? dap , ? spd ) ← − (5) Request can use PII Request (? r ) ∧ getInTo (? r , ? spd ) ∧ satisfy (? r , ? dap ) ∧ DataPolicy (? dpa ) ∧ dataPolicyForSPD (? dap , ? spd ) ∧ SPD (? spd ) ∧ hasSuperPeer (? spd , ? sp ) ∧ hasDisclosedFor (? sp , ? pii ) − → canUse (? r , ? pii ) ← − (6) � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 25 / 39 c

  62. Unifying Semantic Legal Policies Unifying Two Types of Policies Privacy Protection and National Security 1 We manually unify two types of semantic legal policies, translated from privacy protection law and national security law. 2 Privacy protection law α and national security law β are unified at Super − peer α ∩ β at TLD α ∩ β , where TLD α ∩ β is in the intersection of TLD α and TLD β jurisdiction 3 Database is in compliance with a data protection law α from one jurisdiction but data centers hosting database are possibly in compliance with national security law β from another jurisdiction. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 26 / 39 c

  63. Unifying Semantic Legal Policies Unifying Two Types of Policies Privacy Protection and National Security 1 We manually unify two types of semantic legal policies, translated from privacy protection law and national security law. 2 Privacy protection law α and national security law β are unified at Super − peer α ∩ β at TLD α ∩ β , where TLD α ∩ β is in the intersection of TLD α and TLD β jurisdiction 3 Database is in compliance with a data protection law α from one jurisdiction but data centers hosting database are possibly in compliance with national security law β from another jurisdiction. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 26 / 39 c

  64. Unifying Semantic Legal Policies Unifying Two Types of Policies Privacy Protection and National Security 1 We manually unify two types of semantic legal policies, translated from privacy protection law and national security law. 2 Privacy protection law α and national security law β are unified at Super − peer α ∩ β at TLD α ∩ β , where TLD α ∩ β is in the intersection of TLD α and TLD β jurisdiction 3 Database is in compliance with a data protection law α from one jurisdiction but data centers hosting database are possibly in compliance with national security law β from another jurisdiction. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 26 / 39 c

  65. Unifying Semantic Legal Policies Unifying Semantic Legal Policies at Super − peer α ∩ β � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 27 / 39 c

  66. Unifying Semantic Legal Policies Query at Intersection of TLDs Two types of queries are available: subject-based and pattern-based: 1 At Super − peer α ∩ β , only provides pattern-based queries, at Super − peer α and Super − peer β we provide both. 2 A guardian agent in Super − peer α ∩ β only grants anonymization pattern-based queries, so PII cannot be fully disclosed. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 28 / 39 c

  67. Unifying Semantic Legal Policies Query at Intersection of TLDs Two types of queries are available: subject-based and pattern-based: 1 At Super − peer α ∩ β , only provides pattern-based queries, at Super − peer α and Super − peer β we provide both. 2 A guardian agent in Super − peer α ∩ β only grants anonymization pattern-based queries, so PII cannot be fully disclosed. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 28 / 39 c

  68. Defeasible Reasoning for Policy Exceptions Stratum One Exception: A Data Owner’s Consent No data Disclosure unless a data owner’s consent Ab1 → hasPartOf . Condition ( Ab1 ) hasPartOf . Condition ( Ab1 ), hasPartOf − . Purpose ( ¬ nationalSecurity )   hasPartOf − . DataUser ( ¬ securityOfficer ) Ab 1 = hasPartOf − . Consent ( ⊤ )  � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 29 / 39 c

  69. Defeasible Reasoning for Policy Exceptions Stratum Two Exception: Without a Data Owner’s Consent Data Disclosure without a data owner’s consent Ab2 → hasPartOf . Condition ( Ab2 ) hasPartOf . Condition ( Ab2 ), hasPartOf − . Purpose ( nationalSecurity )   hasPartOf − . DataUser ( securityOfficer ) Ab 2 = hasPartOf − . Consent ( ⊥ )  � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 30 / 39 c

  70. Defeasible Reasoning for Policy Exceptions Stratum Three Exception: Citizen-ships are the Criteria Deny data disclosing if not a local citizen Ab3 → hasPartOf . Condition ( Ab3 ). hasPartOf . Condition ( Ab3 ),  hasPartOf . Condition ( Ab 2)  Ab 3 = · · · hasPartOf − . Nationality ( ¬ TW − citizenship )  � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 31 / 39 c

  71. Defeasible Reasoning for Policy Exceptions A Policy’s Exceptions Handling in SPD α ∩ β � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 32 / 39 c

  72. Defeasible Reasoning for Policy Exceptions Stratified Datalog ¬ Rule for Policy Exceptions Handling Complying with two type of laws Request (? r ) ∧ hasCondition (? r , Ab1 ) ∧ Condition ( Ab1 ) ∧ DomainPolicy (? dmp ) ∧ hasCondition (? dmp , ? dmc ) ∧ Condition (? dmc ) ∧ isSubsumed ( Ab1 , ? dmc ) ∧ domainPolicyForSPD (? dmp , ? spd ) → getInTo (? r , ? spd ) − � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 33 / 39 c

  73. Conclusion and Future Work Conclusion 1 A semantic privacy preserving model provides legalized data integration and protection services in semantic cloud. 2 Law-as-a-Service (LaaS) overcomes legal obstacles when Cloud Service Providers (CSPs) intend to deploy their cloud resources and services. 3 Semantic web technologies are applied for semantic legal policy representation to enable data integration and protection. 4 Semantic legal policies, as a combination of ontologies and stratified Datalog rules with negation, are enforced and a semantic legal policy’s exceptions are handled through defeasible reasoning. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 34 / 39 c

  74. Conclusion and Future Work Conclusion 1 A semantic privacy preserving model provides legalized data integration and protection services in semantic cloud. 2 Law-as-a-Service (LaaS) overcomes legal obstacles when Cloud Service Providers (CSPs) intend to deploy their cloud resources and services. 3 Semantic web technologies are applied for semantic legal policy representation to enable data integration and protection. 4 Semantic legal policies, as a combination of ontologies and stratified Datalog rules with negation, are enforced and a semantic legal policy’s exceptions are handled through defeasible reasoning. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 34 / 39 c

  75. Conclusion and Future Work Conclusion 1 A semantic privacy preserving model provides legalized data integration and protection services in semantic cloud. 2 Law-as-a-Service (LaaS) overcomes legal obstacles when Cloud Service Providers (CSPs) intend to deploy their cloud resources and services. 3 Semantic web technologies are applied for semantic legal policy representation to enable data integration and protection. 4 Semantic legal policies, as a combination of ontologies and stratified Datalog rules with negation, are enforced and a semantic legal policy’s exceptions are handled through defeasible reasoning. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 34 / 39 c

  76. Conclusion and Future Work Conclusion 1 A semantic privacy preserving model provides legalized data integration and protection services in semantic cloud. 2 Law-as-a-Service (LaaS) overcomes legal obstacles when Cloud Service Providers (CSPs) intend to deploy their cloud resources and services. 3 Semantic web technologies are applied for semantic legal policy representation to enable data integration and protection. 4 Semantic legal policies, as a combination of ontologies and stratified Datalog rules with negation, are enforced and a semantic legal policy’s exceptions are handled through defeasible reasoning. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 34 / 39 c

  77. Future Work Future Work Exploring defeasible reasoning of a policy’s exceptions handling from different hybrid integration of DL-Lite species’ ontologies and stratified Datalog rules with negation. Exploiting expressive power and computational complexity of semantic legal policy enforcement under different ontologies and rules integration. After direct mapping from a RDB’s tables to modular ontologies, through fragmentation and encryption techniques to ensure the data protection criteria of outsourcing in the cloud. Using tremendous amount of RDB data sets as ontology’s data sources to verify sustainability of LaaS. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 35 / 39 c

  78. Future Work Future Work Exploring defeasible reasoning of a policy’s exceptions handling from different hybrid integration of DL-Lite species’ ontologies and stratified Datalog rules with negation. Exploiting expressive power and computational complexity of semantic legal policy enforcement under different ontologies and rules integration. After direct mapping from a RDB’s tables to modular ontologies, through fragmentation and encryption techniques to ensure the data protection criteria of outsourcing in the cloud. Using tremendous amount of RDB data sets as ontology’s data sources to verify sustainability of LaaS. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 35 / 39 c

  79. Future Work Future Work Exploring defeasible reasoning of a policy’s exceptions handling from different hybrid integration of DL-Lite species’ ontologies and stratified Datalog rules with negation. Exploiting expressive power and computational complexity of semantic legal policy enforcement under different ontologies and rules integration. After direct mapping from a RDB’s tables to modular ontologies, through fragmentation and encryption techniques to ensure the data protection criteria of outsourcing in the cloud. Using tremendous amount of RDB data sets as ontology’s data sources to verify sustainability of LaaS. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 35 / 39 c

  80. Future Work Future Work Exploring defeasible reasoning of a policy’s exceptions handling from different hybrid integration of DL-Lite species’ ontologies and stratified Datalog rules with negation. Exploiting expressive power and computational complexity of semantic legal policy enforcement under different ontologies and rules integration. After direct mapping from a RDB’s tables to modular ontologies, through fragmentation and encryption techniques to ensure the data protection criteria of outsourcing in the cloud. Using tremendous amount of RDB data sets as ontology’s data sources to verify sustainability of LaaS. � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 35 / 39 c

  81. LaaS System Demo and Q&A LaaS System Demo and Q&A LaaS System Demo. and Q&A LaaS System Demo. Q&A � Y. J. Hu et al. (NCCU) WIMS’12 June-13-2012 36 / 39 c

Recommend

Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search

Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search

Oblivious Computation in Public Cloud for Privacy-aware Access Control Policies and Data Search Ph.D. Dissertation Defense Zeeshan Pervez Department of Computer Engineering Kyung Hee University, Global Campus, Korea email:

650 views • 24 slides
Efficient Semantic-Aware Detection of Near Duplicate Resources 7 th Extended Semantic Web

Efficient Semantic-Aware Detection of Near Duplicate Resources 7 th Extended Semantic Web

Efficient Semantic-Aware Detection of Near Duplicate Resources 7 th Extended Semantic Web Conference E. Ioannou, O. Papapetrou, D. Skoutas, W. Nejdl Wednesday, 2nd June 2010, Heraklion, Greece Outline 1. Motivation 2. RDFsim Approach

299 views • 26 slides
COMP 213 Advanced Object-oriented Programming Lecture 18 Exceptions Exceptions Weve seen

COMP 213 Advanced Object-oriented Programming Lecture 18 Exceptions Exceptions Weve seen

COMP 213 Advanced Object-oriented Programming Lecture 18 Exceptions Exceptions Weve seen that exceptions generally arise from input/resource failures. Semantic coding errors (bugs) can go unnoticed until some input is of the wrong form

967 views • 59 slides
Volumetric instance-aware semantic mapping and 3D object discovery Margarita Grinvald, Fadri

Volumetric instance-aware semantic mapping and 3D object discovery Margarita Grinvald, Fadri

Volumetric instance-aware semantic mapping and 3D object discovery Margarita Grinvald, Fadri Furrer, Tonci Novkovic, Jen Jen Chung, Cesar Cadena, Roland Siegwart, Juan Nieto IROS, 5 Nov 2019 Instance-aware semantic mapping solves detection

911 views • 42 slides
Exceptions Exceptions Amtoft from Hatcliff Raising Exceptions Handling Exceptions Application

Exceptions Exceptions Amtoft from Hatcliff Raising Exceptions Handling Exceptions Application

Exceptions Exceptions Amtoft from Hatcliff Raising Exceptions Handling Exceptions Application ML provides an elegant exception handling mechanism 1. built-in exceptions 2. partial functions 3. user-defined exceptions 4. exception

853 views • 9 slides
Troubleshooting Exceptions Module Overview Exceptions Managed Exceptions Unhandled Exceptions

Troubleshooting Exceptions Module Overview Exceptions Managed Exceptions Unhandled Exceptions

Troubleshooting Exceptions Module Overview Exceptions Managed Exceptions Unhandled Exceptions (UhE) Corrupted State Exceptions (CSE) Just In Time (JIT) Debugging Debugging Managed Exceptions 2 Exceptions Unexpected behavior (for example,

514 views • 38 slides
Management of Exceptions in Access Control Policies J. G. Alfaro, F. Cuppens, N. Cuppens ENST

Management of Exceptions in Access Control Policies J. G. Alfaro, F. Cuppens, N. Cuppens ENST

Management of Exceptions in Access Control Policies J. G. Alfaro, F. Cuppens, N. Cuppens ENST Bretagne, Rennes RSM/SERES Outline - 2 - Problem domain Main strategies Use of full expressiveness Conclusions and Perspectives

562 views • 28 slides
EE 457 Unit 8 Exceptions What Happens When Things Go Wrong 2 What are Exceptions?

EE 457 Unit 8 Exceptions What Happens When Things Go Wrong 2 What are Exceptions?

1 EE 457 Unit 8 Exceptions What Happens When Things Go Wrong 2 What are Exceptions? Exceptions are rare events triggered by the hardware and forcing the processor to execute a software handler HW Interrupts Error conditions

660 views • 24 slides
On the Impact of Isolation Costs on Locality-aware Cloud Scheduling Ankit Bhardwaj, Meghana G

On the Impact of Isolation Costs on Locality-aware Cloud Scheduling Ankit Bhardwaj, Meghana G

On the Impact of Isolation Costs on Locality-aware Cloud Scheduling Ankit Bhardwaj, Meghana G Gupta , Ryan Stutsman University of Utah Scalable Computer Systems Lab www.utah.systems Code Isolation-cost Aware Scheduling Cloud N Networking P

539 views • 19 slides
Budget-aware Semi-Supervised Semantic and Instance Segmentation Miriam Bellver, Amaia Salvador,

Budget-aware Semi-Supervised Semantic and Instance Segmentation Miriam Bellver, Amaia Salvador,

Budget-aware Semi-Supervised Semantic and Instance Segmentation Miriam Bellver, Amaia Salvador, Jordi Torres, Xavier Giro-i-Nieto Women In Computer Vision - CVPR 2019 Motivation Semantic segmentation Instance segmentation Pixel-level

282 views • 15 slides
Semantic security framework and context- aware role-based access control ontology for Smart

Semantic security framework and context- aware role-based access control ontology for Smart

Semantic security framework and context- aware role-based access control ontology for Smart Spaces Semantic Big Data Workshop, ACM SIGMOD 2016 Conference 2016, San Francisco, California, July 1st 2016 Shohreh Hosseinzadeh, Natalia

240 views • 19 slides
A Semantic-aware Representation Framework for Online Log Analysis Wei Weibin Men eng, Yi Ying

A Semantic-aware Representation Framework for Online Log Analysis Wei Weibin Men eng, Yi Ying

A Semantic-aware Representation Framework for Online Log Analysis Wei Weibin Men eng, Yi Ying L Liu, Yu Yuheng Hu Huang, Sh Shenglin Zh Zhang Fe Federico Za Zaiter, Bi Bingji jin Ch Chen en, Dan Pei ei 2020/8/28 1 Weibin Meng 1

413 views • 26 slides
Exceptions, MIPS-Style Reminder: MIPS CPU deals with exceptions. Interrupts are

Exceptions, MIPS-Style Reminder: MIPS CPU deals with exceptions. Interrupts are

CPSC-410/611 Operating Systems Exceptions, MIPS-Style Reminder: MIPS CPU deals with exceptions. Interrupts are just a special case of exceptions. The MIPS Architecture has no interrupt-vector table! All exceptions trigger

574 views • 7 slides
Semantic Centric Solutions for Application and Data Portability in Cloud Computing Ajith H.

Semantic Centric Solutions for Application and Data Portability in Cloud Computing Ajith H.

Semantic Centric Solutions for Application and Data Portability in Cloud Computing Ajith H. Ranabahu , Amit Sheth Kno.e.sis Center Wright State University 2 nd IEEE International Conference on Cloud Computing and Technology Indianapolis IN

575 views • 39 slides
GCN INTRODUCTION AND ITS APPLICATION IN 3D POINT CLOUD SEMANTIC SEGMENTATION Yisong Li (NVIDIA),

GCN INTRODUCTION AND ITS APPLICATION IN 3D POINT CLOUD SEMANTIC SEGMENTATION Yisong Li (NVIDIA),

GCN INTRODUCTION AND ITS APPLICATION IN 3D POINT CLOUD SEMANTIC SEGMENTATION Yisong Li (NVIDIA), Guohao Li (KAUST) Grid Data vs General Graphs CNN vs GCN ResGCN OUTLINE Experiments on 3D Cloud Point Segmentation Sequential

1.31k views • 102 slides
What are Exceptions? Exceptions are rare events triggered by the hardware and forcing the

What are Exceptions? Exceptions are rare events triggered by the hardware and forcing the

8.1 8.2 What are Exceptions? Exceptions are rare events triggered by the hardware and forcing the processor to execute a software handler EE 457 Unit 8 Exceptions Similar to conditional branches/subroutine calls What

451 views • 6 slides
Policies for Cloud Service Brokerage Chenxi Qiu Holcombe Department of Electrical and Computer

Policies for Cloud Service Brokerage Chenxi Qiu Holcombe Department of Electrical and Computer

Towards Green Cloud Computing: Demand Allocation and Pricing Policies for Cloud Service Brokerage Chenxi Qiu Holcombe Department of Electrical and Computer Engineering Outline 1.Introduction 2.Algorithm Design 3.Performance Evaluation

392 views • 20 slides
Exceptions zero, that require immediate handling when encountered by your program. The C++

Exceptions zero, that require immediate handling when encountered by your program. The C++

Exceptions Exceptions are run time anomalies, such as division by Exceptions zero, that require immediate handling when encountered by your program. The C++ language provides built in support for raising and handling exceptions. With

44 views • 3 slides
Imprecise Exceptions - Exceptions in Haskell Christopher Krau Universit at des Saarlandes

Imprecise Exceptions - Exceptions in Haskell Christopher Krau Universit at des Saarlandes

Outline Introduction Exceptions A new design Semantics Extensions Summary Imprecise Exceptions - Exceptions in Haskell Christopher Krau Universit at des Saarlandes Informatik 22nd March 2006 Outline Introduction Exceptions A new

563 views • 25 slides
Mining Time-Aware Urban Living Styles via Latent Semantic Concept Analysis with Service

Mining Time-Aware Urban Living Styles via Latent Semantic Concept Analysis with Service

Mining Time-Aware Urban Living Styles via Latent Semantic Concept Analysis with Service Recommendation Application LAM, Wai Department of Systems Engineering and Engineering Management The Chinese University of Hong Kong A proposal for

584 views • 12 slides
CS 104 Computer Organization and Design Exceptions and Interrupts CS104: Exceptions and

CS 104 Computer Organization and Design Exceptions and Interrupts CS104: Exceptions and

CS 104 Computer Organization and Design Exceptions and Interrupts CS104: Exceptions and Interrupts 1 Exceptions and Interrupts Interrupts: App App App System software Notification of external events Exceptions: Mem CPU I/O

1.03k views • 26 slides
Chapter 10 Exceptions Chapter Scope The purpose of exceptions Exception messages The

Chapter 10 Exceptions Chapter Scope The purpose of exceptions Exception messages The

Chapter 10 Exceptions Chapter Scope The purpose of exceptions Exception messages The call stack trace The try-catch statement Exception propagation The exception class hierarchy I/O exceptions (and writing text files)

508 views • 29 slides
Security Aware and Energy-Efficient Virtual Machine Consolidation in Cloud Computing Systems

Security Aware and Energy-Efficient Virtual Machine Consolidation in Cloud Computing Systems

Security Aware and Energy-Efficient Virtual Machine Consolidation in Cloud Computing Systems Farhad Ahamed, Seyed Shahrestani and Bahman Javadi School hool of of Comput omputing, ing, Engineer ngineering ing and and Mathema hematics ics

474 views • 18 slides
QoS-Aware Storage Virtualization for Cloud File Systems Christoph Kleineweber (Speaker) Alexander

QoS-Aware Storage Virtualization for Cloud File Systems Christoph Kleineweber (Speaker) Alexander

QoS-Aware Storage Virtualization for Cloud File Systems Christoph Kleineweber (Speaker) Alexander Reinefeld Thorsten Schtt Zuse Institute Berlin 1 Outline Introduction Performance Models Reservation Scheduling Evaluation

722 views • 17 slides

More recommend