Over the past few weeks I have been intrigued with semantic web and the impact of it upon privacy and security. I was at CSI’s NetSec in Scottsdale, AZ last week (followed by a wonderful first visit to the Grand Canyon…and then some hardware problems…AARRRRGGGGHHHHH!!!!!…thus my lack of blog postings), and I was surprised that no one I spoke with (admittedly a small fraction of the total number of attendees) had heard of semantic web.
Semantic web has actually been in the news lately. For example,
- NSA Looking At Social-Networking Spaces – "Bajarin also mentioned that the NSA searches are also tying into a time when the Internet is evolving towards what’s known as the "semantic Web." With simple code revisions to major Web sites, the Internet’s content becomes far easier to search through and index, larger systems and search engines seeing the structure of the Internet in a more logical, easily searchable way. "While it (the "semantic Web") might help surveillance, it helps make searches more accurate," Bajarin said. "It would have to help data mining and surveillance efforts to some degree. If you want serious data mining done for lower-level access, you’d need legal access to the back end." Others have wondered about the NSA’s logic in tracking terrorist connections through social-networking sites such as MySpace.com and Facebook.com."
- Pentagon datamines social networks – "New Scientist reports that the Pentagon is datamining social networks. This is to allow the US government to draw up detailed personal profiles of individuals, according to what they post to the internet. It is also intended to work out which individuals are connected to blacklisted organisations, either directly, or through people they interact with online. Ironically, attempts by the W3C to make the web more interaccessible via different data formats – the so-called semantic web, using the Resource Description Framework (RDF) – will expedite this process. "
- Inventor of ‘Semantic Web’ hired as RPI professor – "He is recognized as one of the inventors of the "Semantic Web," which is the development of a language for the Internet that can be understood by computers. Such a system can allow far fuller use of the Web, Hendler said. "As a simple example, imagine being able to search the Web for ‘the scene where the guy throws his hat at a statue and its head falls off’ and finding the right clip from the movie Goldfinger to download to your hand-held video device," Hendler said in a statement released by Rensselaer."
Several web sites are devoted to semantic web, such as W3C and the Semantic Web Community portal.
Much has been written about semantic web in various universities. For example, just a few include:
It certainly has great potential…imagine the computing power!
However, when delving into the possibilities, there are certainly significant privacy issues to consider in the way it is used, and the impact of incorrect labelings and codings.
Consider a 1000 piece jigsaw puzzle of a blue lake and blue sky…looking at just one piece at a time would not tell someone what the completed puzzle would look like. Even looking at a few connected pieces would not tell much more of significance. However, by putting together significant portions of the puzzle, eventually leading to puzzle completion, everything about the picture becomes clearly obvious. The semantic web holds that same potential for piecing together the private lives of people; taking a piece from here and a piece from there to form the complete picture about an individual. A huge risk is when the semantic web does not interpret the pieces correctly, makes vastly inaccurate conclusions, and subsequent mistakes are made that negatively impact lives. Similar to the profiling programs used by the TSA that have resulted in a few incorrect interpretations of travellers that resulted in significant impacts to their otherwise comparatively normal lives, only on a potentially larger scale.
There is much more to say about this…more research first, however…
Technorati Tags
information security
IT compliance
corporate governance
awareness and training
semantic web
privacy