Navigation

Content Hotkeys
Distributed and Self-organizing Systems
Distributed and Self-organizing Systems
Teaser

Publication Details

ProProtect3: An Approach for Protecting User Profile Data from Disclosure, Tampering, and Improper Use in the Context of WebID

Type

Journal Article

Year

2015

Authors

wild

wiedemann

heseba

tschudnowsky

gaedke

Location

Transactions on Large-Scale Data- and Knowledge-Centered Systems XIX

ISBN/ISSN

978-3-662-46561-5

Download

PDF

Abstract

WebID is a new identification approach of the W3C. It enables managing profile data associated to persons and services at self-defined places in the cloud. By relying on RDF vocabularies like FOAF for describing user profile data, WebID contributes to the Semantic Web vision. While access to user profiles can be controlled with existing security mechanisms, they are not designed to protect sensitive data within user profiles from unwanted retrieval, malicious manipulation, and improper use. This article analyzes the risks that affect the knowledge stored in WebID-based user profiles. It therefore describes potential attack scenarios and outlines the challenges a solution must deal with. To tackle the problem of insufficient protection, we propose ProProtect3. This approach enables identity owners (1) to create customized filters for sensitive data, (2) to verify the profile data integrity, and (3) to restrict the rights of delegatees. For evaluating the ProProtect3 approach, we integrate it into a WebID identity provider.

Reference Copy

Stefan Wild, Fabian Wiedemann, Sebastian Heil, Alexey Tschudnowsky, Martin Gaedke: ProProtect3: An Approach for Protecting User Profile Data from Disclosure, Tampering, and Improper Use in the Context of WebID; Pages 87-127; Transactions on Large-Scale Data- and Knowledge-Centered Systems XIX

copy text to clipboard

Research Area

Web Engineering




Powered by DGS
Edit list (authentication required)

Press Articles