In this paper we study the problem of information disclosure in ontology-based data access (OBDA). Following previous work on Controlled Query Evaluation, we introduce the framework of Policy-Protected OBDA (PPOBDA), which extends OBDA with data protection policies specified over the ontology and enforced through a censor, i.e., a function that alters answers to users' queries to avoid the disclosure of protected data. We consider PPOBDA systems in which the ontology is expressed in OWL 2 QL and the policies are denial constraints, and show that query answering under censors in such a setting can be reduced to standard query answering in OBDA (without data protection policies). The basic idea of our approach is to compile the policies of a PPOBDA system into the mapping of a standard OBDA system. To this aim, we analyze some notions of censor proposed in the literature, show that they are not suited for the above-mentioned compilation, and provide a new definition of censor that enables the effective realization of our idea. We have implemented our technique and evaluated it over the NPD benchmark for OBDA. Our results are very promising and show that controlled query evaluation in OBDA can be realized in the practice by using off-the-shelf OBDA engines.

Controlled Query Evaluation in Ontology-Based Data Access / Cima, Gianluca; Lembo, Domenico; Marconi, Lorenzo; Rosati, Riccardo; Savo, Domenico Fabio. - 12506:(2020), pp. 128-146. (Intervento presentato al convegno The 19th International Semantic Web Conference tenutosi a Virtual Conference) [10.1007/978-3-030-62419-4_8].

Controlled Query Evaluation in Ontology-Based Data Access

Gianluca Cima;Domenico Lembo
;
Lorenzo Marconi;Riccardo Rosati;Domenico Fabio Savo
2020

Abstract

In this paper we study the problem of information disclosure in ontology-based data access (OBDA). Following previous work on Controlled Query Evaluation, we introduce the framework of Policy-Protected OBDA (PPOBDA), which extends OBDA with data protection policies specified over the ontology and enforced through a censor, i.e., a function that alters answers to users' queries to avoid the disclosure of protected data. We consider PPOBDA systems in which the ontology is expressed in OWL 2 QL and the policies are denial constraints, and show that query answering under censors in such a setting can be reduced to standard query answering in OBDA (without data protection policies). The basic idea of our approach is to compile the policies of a PPOBDA system into the mapping of a standard OBDA system. To this aim, we analyze some notions of censor proposed in the literature, show that they are not suited for the above-mentioned compilation, and provide a new definition of censor that enables the effective realization of our idea. We have implemented our technique and evaluated it over the NPD benchmark for OBDA. Our results are very promising and show that controlled query evaluation in OBDA can be realized in the practice by using off-the-shelf OBDA engines.
2020
The 19th International Semantic Web Conference
Ontology-based Data Access; Information Disclosure; Data Protection; First-Order Rewritability
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
Controlled Query Evaluation in Ontology-Based Data Access / Cima, Gianluca; Lembo, Domenico; Marconi, Lorenzo; Rosati, Riccardo; Savo, Domenico Fabio. - 12506:(2020), pp. 128-146. (Intervento presentato al convegno The 19th International Semantic Web Conference tenutosi a Virtual Conference) [10.1007/978-3-030-62419-4_8].
File allegati a questo prodotto
File Dimensione Formato  
Cima_Controlled-Query_2020.pdf

solo gestori archivio

Tipologia: Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 411.2 kB
Formato Adobe PDF
411.2 kB Adobe PDF   Contatta l'autore
Cima_postprint_Controlled-Query_2020.pdf

accesso aperto

Tipologia: Documento in Post-print (versione successiva alla peer review e accettata per la pubblicazione)
Licenza: Creative commons
Dimensione 442.25 kB
Formato Adobe PDF
442.25 kB Adobe PDF

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1450653
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 9
  • ???jsp.display-item.citation.isi??? 6
social impact