In this paper we study the problem of information disclosure in ontology-based data access (OBDA). Following previous work on Controlled Query Evaluation, we introduce the framework of Policy-Protected OBDA (PPOBDA), which extends OBDA with data protection policies specified over the ontology and enforced through a censor, i.e., a function that alters answers to users' queries to avoid the disclosure of protected data. We consider PPOBDA systems in which the ontology is expressed in OWL 2 QL and the policies are denial constraints, and show that query answering under censors in such a setting can be reduced to standard query answering in OBDA (without data protection policies). The basic idea of our approach is to compile the policies of a PPOBDA system into the mapping of a standard OBDA system. To this aim, we analyze some notions of censor proposed in the literature, show that they are not suited for the above-mentioned compilation, and provide a new definition of censor that enables the effective realization of our idea. We have implemented our technique and evaluated it over the NPD benchmark for OBDA. Our results are very promising and show that controlled query evaluation in OBDA can be realized in the practice by using off-the-shelf OBDA engines.
2020, The Semantic Web - ISWC 2020 - 19th International Semantic Web Conference, Pages 128-146 (volume: 12506)
Controlled Query Evaluation in Ontology-Based Data Access (04b Atto di convegno in volume)
Cima Gianluca, Lembo Domenico, Marconi Lorenzo, Rosati Riccardo, Fabio Savo Domenico
Gruppo di ricerca: Artificial Intelligence and Knowledge Representation, Gruppo di ricerca: Data Management and Semantic Technologies