Mixing Description Logics in Privacy-Preserving Ontology Publishing

“…It is currently not clear whether and how our results can be extended from singleton policies to general ones consisting of a finite set of EL concepts. The papers [2,6] investigate both compliance and safety for such general policies, but they restrict the data to EL instance stores. The work in [4] considers general quantified ABoxes and policies, but presents results for compliance only.…”

“…First, instead of making the data public, one can provide only restricted access through queries, whose answers are monitored by a "censor", which may decide not to give an answer or even lie if needed to satisfy the constraints [7][8][9]. Second, one can publish the data in an appropriately anonymized form, while keeping as much information about individuals as is allowed by the policy available [2,4,6,10,13,14].…”

“…The works in this area differ from each other in several aspects. The papers [2,4,6] and this one allow for arbitrary modifications of the original data set, as long as the new data is logically implied by the original one. In contrast, the work from [10,13,14] restricts modifications to the application of certain anonymization operations.…”

“…While in the work described in [10,13,14] RDF graphs are used to represent the data and conjunctive queries to describe the policy, the papers [2,4,6] consider the setting where DL ABoxes represent the data and concepts of the DL EL describe the policy. More precisely, a restricted form of ABoxes, called instance store, is considered in [2,6], whereas in [4] and in the present paper so-called quantified ABoxes are employed. Basically, quantified ABoxes extend traditional DL ABoxes by allowing for anonymized individuals, which from a logical point of view are represented as existentially quantified variables.…”

“…Here, we employ the same formal setup as [4] but addresses safety. The only work where the formalisms for representing the attacker's knowledge and formalizing the data differ is [6].…”

Safety of quantified ABoxes w.r.t. singleton ε L policies

“…It is currently not clear whether and how our results can be extended from singleton policies to general ones consisting of a finite set of EL concepts. The papers [2,6] investigate both compliance and safety for such general policies, but they restrict the data to EL instance stores. The work in [4] considers general quantified ABoxes and policies, but presents results for compliance only.…”

“…First, instead of making the data public, one can provide only restricted access through queries, whose answers are monitored by a "censor", which may decide not to give an answer or even lie if needed to satisfy the constraints [7][8][9]. Second, one can publish the data in an appropriately anonymized form, while keeping as much information about individuals as is allowed by the policy available [2,4,6,10,13,14].…”

“…The works in this area differ from each other in several aspects. The papers [2,4,6] and this one allow for arbitrary modifications of the original data set, as long as the new data is logically implied by the original one. In contrast, the work from [10,13,14] restricts modifications to the application of certain anonymization operations.…”

“…While in the work described in [10,13,14] RDF graphs are used to represent the data and conjunctive queries to describe the policy, the papers [2,4,6] consider the setting where DL ABoxes represent the data and concepts of the DL EL describe the policy. More precisely, a restricted form of ABoxes, called instance store, is considered in [2,6], whereas in [4] and in the present paper so-called quantified ABoxes are employed. Basically, quantified ABoxes extend traditional DL ABoxes by allowing for anonymized individuals, which from a logical point of view are represented as existentially quantified variables.…”

“…Here, we employ the same formal setup as [4] but addresses safety. The only work where the formalisms for representing the attacker's knowledge and formalizing the data differ is [6].…”

Safety of quantified ABoxes w.r.t. singleton ε L policies