No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
Customized Views on Profiles in WebID-Based Distributed Social Networks
Abstract
WebID as an extensible and distributed identification approach
enables users to globally authenticate themselves, connect to each
other and manage their identity data at a self-defined place. Identity data
stored in WebID profile documents can be protected from unauthorized
access using appropriate access control methods. While existing methods
are primarily about securing resources, they lack providing adequate
mechanisms for controlling access to specific data within profiles.
This paper presents our approach to create customized views on
profiles in WebID-based distributed social networks. We introduce finegrained
personalized filters based on SPARQL templates and demonstrate
their integration into an existing identity management platform.
... Solid (2020; Mansour et al., 2016) could be named as an example of a framework for developing decentralized applications. Social networks, blockchain-based identification or webID (Faísca et al., 2016;Wild et al., 2013) could be used to develop the social identity and the author's profile. ...
Although the World Wide Web (or web) is a decentralized network of interconnected documents, highly centralized ecosystem dominated by a few supranational companies has developed on top of these foundations. These companies create their own platforms and offer web-powered services that are used by people and organizations around the world. Many of these platforms or services are free of charge, but the providers often process personal and other users' data not just to improve their services but also for other commercial purposes. The users' data also represent a significant barrier to entry of new companies to the market, because collecting the users' data would require significant investments from the new entrants. At the same time, users often face difficulties when switching service providers because their data are in many cases not easily transferable between services. As a result, these supranational companies have become centers of significant power and influence. This article presents the so-called re-decentralization of the web as a complementary alternative to this present state. The goal of the re-decentralized web is to return to the original ideas of the web as an open space, where everyone can freely publish their content and decide on the use of their data. This paper offers a probe into this issue from a social and technical point of view based on an integrative literature review. In this context, some relevant phenomena such as cloud feudalism, platform capitalism or dictatorship of algorithms were highlighted and referred to. In conclusion, the paper summarizes the current situation, presents challenges for further research, and discusses the possible implications of wider adoption of the technologies based on the idea of a re-decentralized web in the near future.
... The framework uses WebID, the Semantic Pingback technology, a Pingback server, user devices (majorly mobile device), and some categorized FOAF files. WebID is a distributed identification and users connecting approach in social network, and it provides users with authentication and access contrivances [13]. Identification through WebID is done through URI, this makes the WebID protocol request one more additional HTTP connection aside the one used in making original request. ...
Social network sites have become de factor in fostering human relationships and business prospects. Several social networks abound with little interoperability functionality that enables exchange of profiles of users. Though, proprietary Application Programming Interfaces (APIs) are provided as endpoints for applications in retrieval of user profile. Moreover, semantic web Friend of a Friend (FOAF) is now been used as a medium for realizing semantic social networks to be able to share user's profile across sites. And since the goal of semantic web is to provide autonomous data centric system coupled on ontology and reasoning, we propose a novel communication protocol named iProc, and usable by autonomous agents that relies on the distributive nature of social network data in coalescing a virtually centralized social network and as well providing means to enlarge user's connectivity to other users across different sites. This paper presents the architecture for a proposed iProc. Furthermore, an implementation of the FOAF files to be used was carried out and discussed.
... For this, WebID relies on several RDF-vocabularies such as FOAF. With WebID, users are enabled to globally authenticate themselves, connect to each other, manage their profile data at a self-defined place and specify customized views [23]. Users can rely on WebID identity providers for creating new WebID identities and managing their WebID profile data [24]. ...
Finding suitable workers for specific functions largely relies on human assessment. In web-scale environments this assessment exceeds human capability. Thus we introduced the CRAWL approach for Adaptive Case Management (ACM) in previous work. For finding experts in distributed social networks, CRAWL leverages various Web technologies. It supports knowledge workers in handling collaborative, emergent and unpredictable types of work. To recommend eligible workers, CRAWL utilizes Linked Open Data, enriched WebID-based user profiles and information gathered from ACM case descriptions. By matching case requirements against profiles, it retrieves a ranked list of contributors. Yet it only takes statements people made about themselves into account. We propose the CRAWL•E approach to exploit the knowledge of people about people available within social networks. We demonstrate the recommendation process by prototypical implementation using a WebID-based distributed social network.
... A distributed system implementing CRAWL might provide user interfaces similar to Figures 2 and 3. In 2, Casey adds skills to her profile using WebID identity provider and management platform Sociddea [10]. In 3 the VSRCM 1 case management system provides her with a list of recommended candidates with their skills and contact information. ...
An increasing share of today's work is knowledge work. Adaptive Case Management (ACM) assists knowledge workers in handling this collaborative, emergent and unpredictable type of work. Finding suitable workers for specific functions still relies on manual assessment and assignment by persons in charge, which does not scale well. In this paper we discuss a tool for ACM to facilitate this expert finding leveraging existing Web technology. We propose a method to automatically recommend a set of eligible workers utilizing linked data, enriched user profile data from distributed social networks and information gathered from case descriptions. This semantic recommendation method detects similarities between case requirements and worker profiles. The algorithm traverses distributed social graphs to retrieve a ranked list of suitable contributors to a case according to adaptable metrics. For this purpose, we introduce a vocabulary to specify case requirements and a vocabulary to describe skill sets and personal attributes of workers. The semantic recommendation method is demonstrated by a prototypical implementation using a WebID-based distributed social network.
Empowering people to express themselves in global communities, social networks became almost indispensable for exchanging usergenerated content. User profiles are essential elements of social networks. They represent their members, but also disclose personal data to companies. W3C’s WebID offers an alternative to centralized social networks that aims at providing control about personal data. WebID relies on trusting the systems that host user profiles. There is a risk that attackers exploit this trust by tampering user profile data or stealing identities. In this paper, we therefore propose the IronClad approach. It improves trustworthiness by introducing tamper-evident WebID profiles. IronClad takes protective measures to publicly discover malicious manipulation of profile data. We exemplarily implement IronClad in an existing WebID identity management platform known from previous work.
WebID is a new identification approach of the W3C. It enables managing profile data associated to persons and services at self-defined places in the cloud. By relying on RDF vocabularies like FOAF for describing user profile data, WebID contributes to the Semantic Web vision. While access to user profiles can be controlled with existing security mechanisms, they are not designed to protect sensitive data within user profiles from unwanted retrieval, malicious manipulation, and improper use. This article analyzes the risks that affect the knowledge stored in WebID-based user profiles. It therefore describes potential attack scenarios and outlines the challenges a solution must deal with. To tackle the problem of insufficient protection, we propose ProProtect3. This approach enables identity owners (1) to create customized filters for sensitive data, (2) to verify the profile data integrity, and (3) to restrict the rights of delegatees. For evaluating the ProProtect3 approach, we integrate it into a WebID identity provider.
WebID is a new development of the W3C. As a universal identification mechanism, WebID enables users to authenticate through client certificates instead of username/password pairs. For creating such WebID certificates, there are different ways available. Each is characterized by several aspects that become important depending on a user's individual conditions and trust needs. Users must carefully consider these aspects on their own to find the most appropriate way for them. There is a risk that inexperienced users make wrong considerations, which affect their security and privacy. In this work, we propose an approach towards a context-aware WebID certificate creation taking individual conditions and trust needs into account. As a proof of concept, we apply the SWAC framework that facilitates JavaScript-based generation of WebID certificates on both client and server. We evaluate our approach and available methods including HTML5 keygen and native implementations using different devices and Web browsers.
Social networking forms an important part of online activities of Web users. Web sites such as Facebook, MySpace and Orkut have millions of users using them everyday. However, these sites present two problems. Firstly, these sites form information silos. Information on one site is not usable in the others. Secondly such sites do not allow users much control over how their personal information is disseminated, which results in potential privacy problems.
The WebID protocol enables the global identification and authentication of agents in a distributed manner by combining asym-metric cryptography and Linked Data. In order to decide whether access should be granted or denied to a particular WebID, the authenticating web server may need to retrieve other profiles and linked resources to work out if the requesting agent is member of an authorized group (e.g. friends of the resource owner's friends). If it were required for such resources to be publicly available, this would be a major privacy limitation on a linked Social Network. In this paper we explore different ways in which an agent can act on behalf of a user and we propose an extension to the WebID protocol which allows for delegation of access authorization. This extends the range of application scenarios where WebID authenti-cation can be efficiently deployed while increasing privacy.
Online social networking has become one of the most popular services on the Web. However, current social networks are like walled gardens in which users do not have full control over their data, are bound to specific usage terms of the social network operator and suffer from a lock-in effect due to the lack of interoperability and standards compliance between social networks. In this paper we propose an architecture for an open, distributed social network, which is built solely on Semantic Web standards and emerging best practices. Our architecture combines vocabularies and protocols such as WebID, FOAF, Semantic Pingback and PubSubHubbub into a coherent distributed semantic social network, which is capable to provide all crucial functionalities known from centralized social networks. We present our reference implementation, which utilizes the OntoWiki application framework and take this framework as the basis for an extensive evaluation. Our results show that a distributed social network is feasible, while it also avoids the limitations of centralized solutions.
Federated Identity systems promise to solve the increasingly vexing problem of password overload. However, existing systems, such as OpenID and CardSpace have failed to gain the expected levels of adoption, due in part to usability and security issues, while proprietary systems such as Facebook Connect raise serious privacy concerns over their usage of the data collected. In this paper, we examine two new contenders—BrowserID from Mozilla and WebID from the WebID Community Group—and find that, while both offer significant improvements, we were still able to identify a number of important security, privacy, and usability issues that need to be addressed before beginning to widely deploy these new platforms.
This paper defines an approach to managing digital identity requiring special-purpose technology on the browser client. We propose a mechanism using standards, such as HTTP(S) extended with WebID Protocol and Semantic Web ontologies and vocabularies. We present a scalable method that allows user authentication and authorization to work across multiple web-sites, enterprises, devices, and browsers in a uniform and easy-to-use manner.