13th European Conference on eGovernment – ECEG 2013 1 | Page 164

Giuseppe Ciaccio, Antonio Pastorino and Marina Ribaudo
Challenges. Even in this case, we can identify entities that might need to access data without being their owners. Consider for instance the Judiciary or the Inland Revenue Office in the case of lawsuits concerning tax evasion. Moreover, the release of aggregated data is desirable for statistical purposes in this use case too.
In this scenario there is also another subtle point. The same resource, for instance a receipt of payment, involves two people. For example, the receipt for plumbing work carried out in an apartment involves the plumber who did the work and received the money, and the owner of the apartment who paid for the work. For the former the resource represents income, while for the latter it is an expense; there is only one resource, but it has two distinct resource owners. How to deal with resources of this type is not explicitly specified by OAuth 2.0 (see Section 5).
5. Work in progress
In this paper we have made a case for releasing personal data in the Open Data domain by following a smart disclosure approach, and have proposed the use of the OAuth 2.0 authorization framework to this end. If properly implemented, OAuth 2.0 guarantees access to selected personal data upon authorization by the individual data owner.
Currently we have a working implementation of the OAuth 2.0 authorization server, which we have called OAuthwo. OAuthwo is a free and modular PHP implementation of OAuth 2.0 based on the current IETF draft specification. It is free software, written as a module for the Zend framework (framework.zend.com) and available for download at GitHub (github.com/andou/oauthwo_zend/). Details can be found in our technical report (Ciaccio 2013). OAuthwo will allow us to implement proof-of-concept smart disclosure systems supporting a number of interesting use cases that leverage personal data securely disclosed as Open Data.
One challenge has to do with single resources owned by multiple users. OAuth 2.0 seems at odds with such a setting. As illustrated in the medical use case, the life of an unconscious patient might depend upon the rescuing physicians being able to access that patient's online medical record, yet the resource owner (the patient) would be unable to provide consent. One possible solution is to allow multiple owners, and then asynchronously warn each of the owners when one of them is granting authorization for their common resources. In some cases the set of owners is static (e.g. the plumber and the householder in the receipt for plumbing work, the citizen and the Judiciary in all tax-related data), but in other cases it is not (e.g. the unconscious patient after an accident and the physicians involved in the rescue). This whole point needs investigation.
Another challenge is related to anonymized datasets. OAuth 2.0 lacks mechanisms for defining what is an anonymized version of a resource. It is unclear when and how a resource owner could authorize access to anonymized resources, and it is also unclear whether or not the resource owner should be able to exert ownership at all over anonymized versions of their data. In any case, authorization should be given ahead of time since the aggregation of anonymized data might take place at any time in the future and even repeatedly. The aggregation procedure itself might need special primitives for bulk verification of authorization grants, since verification on an individual basis would be highly inefficient when extracting a large anonymized dataset.
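As an added illustration, not the paper's OAuthwo code, of the two open points above (resources with several owners, and bulk verification of grants before an anonymized extraction), the following Python model records which owner granted a client access, queues an asynchronous warning to every co-owner, and checks a whole candidate dataset for ahead-of-time grants in one pass. All class, method, scope, client and resource names are assumptions made for the example.

```python
from collections import deque

# Constructed model of the two open points above: a resource with several owners,
# where a grant by one owner queues an asynchronous warning to the co-owners, and a
# bulk check of ahead-of-time grants before an anonymized extraction. Class, method
# and scope names are hypothetical; this is not OAuthwo code.

class MultiOwnerAuthServer:
    def __init__(self):
        self.owners = {}                 # resource id -> set of owners (may grow over time)
        self.grants = {}                 # (resource id, client, scope) -> owner who granted
        self.pending_warnings = deque()  # (co-owner, resource id, client, scope, granted_by)

    def register(self, rid, owners):
        self.owners[rid] = set(owners)

    def add_owner(self, rid, owner):
        # dynamic owner set, e.g. a physician joining an unconscious patient's record
        self.owners[rid].add(owner)

    def grant(self, rid, owner, client, scope):
        # only a current owner may grant; the other owners are warned, not asked
        if owner not in self.owners.get(rid, ()):
            raise PermissionError(f"{owner} does not own {rid}")
        self.grants[(rid, client, scope)] = owner
        for co_owner in self.owners[rid] - {owner}:
            self.pending_warnings.append((co_owner, rid, client, scope, owner))

    def is_authorized(self, rid, client, scope):
        return (rid, client, scope) in self.grants

    def verify_bulk(self, rids, client, scope="anonymized"):
        # one pass over a candidate dataset instead of one check per resource:
        # ids carrying an ahead-of-time grant are released, the rest withheld
        released = [r for r in rids if (r, client, scope) in self.grants]
        withheld = [r for r in rids if (r, client, scope) not in self.grants]
        return released, withheld

def demo():
    srv = MultiOwnerAuthServer()
    srv.register("receipt-42", ["plumber", "householder"])  # static owner set
    srv.register("record-7", ["patient"])                   # owner set grows below
    srv.add_owner("record-7", "er-physician")
    srv.grant("receipt-42", "householder", "revenue-office", "read")  # plumber warned
    srv.grant("record-7", "er-physician", "hospital-app", "read")     # patient warned
    srv.grant("receipt-42", "plumber", "stats-office", "anonymized")  # householder warned
    srv.grant("record-7", "patient", "stats-office", "anonymized")    # physician warned
    released, withheld = srv.verify_bulk(["receipt-42", "record-7", "receipt-99"], "stats-office")
    return srv, released, withheld
```

Whether a co-owner may revoke a grant made by another, and who counts as an owner in a dynamic set, are exactly the questions the text leaves open; the model only makes the warning and the bulk check concrete.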
References
Ciaccio, G., Pastorino, A. and Ribaudo, M. (2013) Open Data and Personal Information: A Smart Disclosure Approach based on OAuth 2.0 (extended version), tech. rep. DIBRIS-TR-13-01, DIBRIS, Università di Genova, Italy.
Ciaccio, G. and Ribaudo, M. (2012) "Open Data for the Masses: Unleashing Personal Data into the Wild", in Proceedings of 8th International Conference on Web Information Systems and Technologies (WEBIST 2012), SciTePress.
Facebook (2012) Facebook login -- Facebook Developers, [online], developers.facebook.com/docs/concepts/login/
Falcão-Reis, F. and Correia, M. E. (2010) Patient Empowerment by the Means of Citizen-managed Electronic Health Records, Medical and Care Compunetics 6, pp. 214-228, IOS Press.
Google Inc. (2012) Using OAuth 2.0 to Access Google APIs, [online], developers.google.com/accounts/docs/OAuth2
Hammer-Lahav, E. (2010) Introducing OAuth 2.0, [online], hueniverse.com/2010/05/introducing-oauth-2-0/
Hoffman, W. et al. (2012) Rethinking Personal Data: Strengthening Trust, [online], World Economic Forum, www.weforum.org/reports/rethinking-personal-data-strengthening-trust
Howard, A. (2012) "Data for the Public Good", Strata: Making Data Work, O'Reilly.
IETF (2007) The Atom Publishing Protocol, [online], tools.ietf.org/html/rfc5023