
ISSN (Online): 2349-7084

GLOBAL IMPACT FACTOR 0.238


ISRA JIF 0.351
INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING IN RESEARCH TRENDS
VOLUME 1, ISSUE 6, DECEMBER 2014, PP 453-460

Robust Model-Based Data Management


¹B.ASWINI, ²B.RANJITH
¹M.Tech Research Scholar, Priyadarshini Institute of Technology and Science for Women
²HOD-CSE, Priyadarshini Institute of Technology and Science for Women

Abstract: Making new connections according to personal preferences is a crucial service in mobile social networking, where the initiating user can find matching users within physical proximity of him/her. In existing systems for such services, usually all the users directly publish their complete profiles for others to search. However, in many applications, the users' personal profiles may contain sensitive information that they do not want to make public. In this paper, we propose Find U, the first privacy-preserving personal profile matching schemes for mobile social networks. In Find U, an initiating user can find from a group of users the one whose profile best matches with his/her; to limit the risk of privacy exposure, only necessary and minimal information about the private attributes of the participating users is exchanged. Matching user profiles using their physical proximity via mobile social networking is a critical thing. We propose Find U, the concept used to limit the privacy levels and also to find the best matching profiles. To realize the user privacy levels here we are using secure multiparty computation (SMC) techniques. We also propose protocols such as PSI, PCSI to prove their security proofs. We evaluate the efficiency of the protocols by adopting the total run time and energy consumption.

Index Terms- Private profile matching, Shamir secret sharing algorithm, Secure multi-party computation, set inflation
attack, Honest but curious model, Blind and permute model.

I. INTRODUCTION

With the proliferation of mobile devices, mobile social networks (MSNs) are becoming an inseparable part of our lives. Leveraging networked portable devices such as smart phones and PDAs as platforms, MSN not only enables people to use their existing online social networks (OSNs) at anywhere and anytime, but also introduces a myriad of mobility-oriented applications, such as location-based services and augmented reality. Among them, an important service is to make new social connections/friends within physical proximity based on the matching of personal profiles. For example, Magnet U [1] is a MSN application that matches one with nearby people for dating or friend-making based on common interests. In such an application, a user only needs to input some (query) attributes in her profile, and the system would automatically find the persons around with similar profiles. The scopes of these applications are very broad, since people can input anything as they want, such as hobbies, phone contacts and places they have been to. The latter can even be used to find lost connections [2] and familiar strangers [3]. However, such systems also raise a number of privacy concerns.

Fig. 1. Private profile matching in mobile social networks

Let us first examine a motivating scenario. In a hospital, patients may include their illness symptoms and medications in their personal profiles in order to find similar patients, for physical or mental support. In this scenario, an initiating user (initiator) may want to find out the patient having the maximum number of identical symptoms to her, while being reluctant to disclose her sensitive illness information to the rest of the users, and the same for the users being matched with. If users' private profiles are directly exchanged with each other, it will facilitate user profiling where that information can be easily collected

IJCERT2014 453
www.ijcert.org

by a nearby user, either in an active or passive way; and those user information may be exploited in unauthorized ways. For example, a salesman from a pharmacy may submit malicious matching queries to obtain statistics on patients' medications for marketing purposes. To cope with user profiling in MSNs, it is essential to disclose minimal and necessary personal information to as few users as possible. In fact, the ideal situation is to let the initiator and its best matching user directly and privately find out and connect to each other, without knowing anything about other users' profile attributes, while the rest of the users should also learn nothing about the two users' matching attributes. The scenario is illustrated in Fig. 1, where the party $P_1$ is the initiator and the others are called candidates. $P_1$'s best matching user is $P_3$, who shares the maximum number of symptoms with her. Since directly publishing all the profile attributes is undesirable, it is challenging to find out the matching users privately. One may think of simply turning off the cell phone or input very few attributes, but these would interfere with the system usability. Recently, Yang et al. proposed E-Small Talker [4], a practical system for matching people's interests before initiating a small-talk. However, E-Small Talker reveals the exact common attributes between the initiator and every other user, which could be more than necessary. Another difficulty of private matching under a MSN setting is the lack of a centralized authority. Lu et al. [5] proposed a symptom matching scheme for mobile health social networks, assuming the existence of a semi-online central authority.

In this paper, we overcome the above challenges and make the following main contributions.

(1) We formulate the privacy preservation problem of profile matching in MSN. Three increasing levels of privacy are defined, where the information learnt by the initiator and each candidate includes: the intersection set between their profile attributes, the size of their intersection set, and the rank of their intersection set size, respectively.

(2) We propose two fully distributed privacy-preserving profile matching protocols. The basic ideas come from private set-intersection (PSI) techniques. However, solutions based on existing PSI schemes are less efficient. We leverage secure multi-party computation (SMC) based on polynomial secret sharing, and propose several key enhancements to improve the computation and communication efficiency. Also, users can choose personalized privacy levels when running the same matching instance.

(3) We provide thorough security analysis and performance evaluation for our schemes. Our schemes achieve several security properties not achieved by previous works, i.e., they are not only secure under the honest-but-curious (HBC) model but can also prevent several key malicious attacks. Meanwhile, they are shown to be more efficient under the settings of MSN.

II. RELATED WORK

Privacy preserving profile matching protocols, without relying on neither a client-server relationship nor any central server. We propose novel methods to reduce energy consumption and protocol run time, while achieving reasonable security levels. Specifically, we exploit the homomorphic properties of Shamir secret sharing to compute the intersection between user profiles privately, and due to the smaller computational domain of secret sharing, our protocols achieve higher performance and lower energy consumption for practical parameter settings of an MSN. Such a framework is also applicable to many scenarios beyond the motivating problems in this paper, for example, in patient matching in online healthcare social networks.

Algorithm:

In this section, we first outline the idea of Find U, and then present two core designs for the PSI and PCSI protocols. Finally we address practical issues including user discovery.

A. Overview

We present two protocols that aim at realizing one level of privacy requirement each. We start with the basic scheme realizing PSI under PL-1, which is based on secure polynomial evaluation using secret sharing. At a high level, for $P_1$ and each $P_i$ ($2 \le i \le N$), their inputs are shared among a subset $\mathcal{P}_i$ of $2t+1$ parties (the computing set) using $(t, 2t+1)$-SS, based on which they cooperatively compute shares of the function $F_i(x_j) = R_{ij} f_i(x_j) + x_j$ for each $1 \le j \le n$, where $f_i(y)$ is the polynomial representing $P_i$'s set, and $R_{ij}$ is a random


number jointly generated by $P_1$ and $P_i$ but not known to any party. We have $x_j \in I_{1,i}$ iff $F_i(x_j) = x_j$.

The values of $\{F_i(x_j)\}_{1 \le j \le n}$ remain in secret-shared forms between $P_1$ and $P_i$ before their shares are revealed to each other. To reduce the communication complexity, we propose an enhancement that aggregates multiple multiplication and addition operations into one round during the secure polynomial evaluation computation. For PL-2, the advanced scheme achieves efficient PCSI. The main idea is that the parties in $\mathcal{P}_i$ first compute the $(t, 2t+1)$ shares of the function $F_i(x_j) = R_{ij} f_i(x_j)$, $1 \le j \le n$, securely using the basic scheme, whereas $x_j \in I_{1,i}$ iff $R_{ij} f_i(x_j) = 0$. In order to blind from $P_1$ the correspondence between its inputs $\{x_j\}$ ($j \in \{1, \ldots, n\}$) and the outputs $F_i(x_{j'})$ ($j' \in \{1, \ldots, n\}$), we employ a blind-and-permute (BP) method. To reduce the number of invocations of the BP protocol, we use share conversion to convert the $(t, t+1)$-shares of $\{F_i(x_j)\}_{1 \le j \le n}$ (held by parties in the reconstruction set $\mathcal{P}'_i$) into $(1, 2)$-shares shared between $P_1$ and $P_i$, so that only one BP invocation is needed between $P_1$ and each $P_i$.

B. The Basic Scheme

We first give two definitions that capture the idea to involve the minimum number of parties during computation.

Definition 3 (Computing set of $P_i$): A set of $2t+1$ parties $\mathcal{P}_i \subset \mathcal{P}$, who help $P_1$ and $P_i$ to compute the shares of $F_i(x_j)$, $1 \le j \le n$. $\mathcal{P}_i$ includes $P_1$ and $P_i$, and the rest $2t-1$ parties are chosen as $P_{i+1}, P_{i+2}, \ldots$ with indices wrapping around.

Definition 4 (Reconstruction set of $P_i$): A set of $t+1$ parties $\mathcal{P}'_i \subset \mathcal{P}_i$, who will contribute the shares of $F_i(x_j)$, $1 \le j \le n$, to $P_1$ and $P_i$ for reconstruction. $\mathcal{P}'_i$ also includes $P_1$ and $P_i$, and the rest $t-1$ parties are chosen in the same way as in the computing set.

As input, each party has a set of attributes: $P_1$ has $S_1 = \{x_1, x_2, \ldots, x_n\}$ and $P_i$ has $S_i = \{y_{i1}, y_{i2}, \ldots, y_{im}\}$, respectively, where each element is an encoded attribute in $\mathbb{F}_p$. For example, a hash algorithm can be used for encoding.

Rather than publishing the sets as they are, each $P_i$ first generates an $m$-degree polynomial based on $S_i$ as follows:

$$f_i(y) = (y - y_{i1})(y - y_{i2}) \cdots (y - y_{im}) = \sum_{k=0}^{m} a_{ik} y^k, \qquad (1)$$

where $\{a_{ik}\}_{0 \le k \le m-1}$ are coefficients. We require $a_{im} = 1$ so that $P_i$ cannot give an all-zero polynomial. The function to be computed is: $F_i(x_j) = R_{ij} f_i(x_j) + x_j$ for each $1 \le j \le n$, where $R_{ij} = r_{ij} r'_{ij}$, and $r_{ij}$ and $r'_{ij}$ are random numbers generated by $P_1$ and $P_i$, respectively. In this way, if $F_i(x_j) \in S_i$, $x_j \in I_{1,i}$ with high probability, and if $F_i(x_j) \notin S_1$ then $x_j \notin I_{1,i}$.

The basic scheme consists of three phases and describes one run between two parties, $P_1$ and $P_i$. The whole protocol between $P_1$ and $P_2, \ldots, P_N$ consists of $N - 1$ instances of the two-party protocol, which can be parallelized/aggregated to save time (details are shown in [1]).

In the data share distribution phase, $P_1$ shares the 1 to $m$ powers of each of its set elements, while $P_i$ shares its private inputs among $P_i$'s computing set. In addition, $P_1$ and $P_i$ also share their $n$ random numbers, respectively.

In the computation phase, the parties in $\mathcal{P}_i$ participate in secure computation of the shares of $\{F_i(x_j)\}_{1 \le j \le n}$. In particular, to evaluate $f_i(x_j)$, a straightforward way is to compute $m - 1$ multiplications of $a_{ik} x_j^k$, $1 \le k \le m - 1$, by invoking the SS-multiplication protocol $m - 1$ times. However, this will introduce too much communication cost. Therefore, we propose to aggregate those multiplications into one round. That is, each party $P_l \in \mathcal{P}_i$ first locally computes a product-sum of shares $z_{ijl} = \sum_{k=1}^{m-1} [a_{ik}]_l [x_j^k]_l$ based on $m - 1$ pairs of local shares $\{[a_{ik}]_l, [x_j^k]_l\}_{1 \le k \le m-1}$.

Then, after computing $z_{ijl}$, each party $P_l \in \mathcal{P}_i$ proceeds in the same way as in SS-Mul. Specifically, each $P_l$ shares the value $z_{ijl}$ to others by choosing a $t$-degree random polynomial $h_l(x)$, and then locally computes the same linear combination ($\sum_{k=1}^{2t+1} \lambda_k h_k(l)$) of the received secondary shares to get its own share of the product-sum, $[\sum_{k=1}^{m-1} a_{ik} x_j^k]_l$. We denote this variant of SS-Mul as SS-Mul-Add, whose correctness follows from the homomorphic properties of SS-Add and SS-Mul. Since $F_i(x_j) = r_{ij} r'_{ij} (a_{i0} + \sum_{k=1}^{m-1} a_{ik} x_j^k + x_j^m) + x_j$, $P_l$'s share of $F_i(x_j)$ can then be easily computed by invoking two more SS-Mul.

In the reconstruction phase, at least $t + 1$ shares of $F_i(x_j)$ are needed to reconstruct $F_i(x_j)$. To this end, the parties reveal their shares to $P_1$ and $P_i$, who can obtain $F_i(x_j)$ by polynomial interpolation. $P_1$ and $P_i$ can test if $F_i(x_j) = x_j$, $1 \le j \le n$, and $F_i(x_j) = y_j$, $1 \le j \le m$, respectively, to determine their intersection set.

III. PROBLEM DEFINITION

A. System Model


Our system consists of $N$ users (or parties) denoted as $P_1 \ldots P_N$, each possessing a portable device. We denote the initiating party (initiator) as $P_1$. $P_1$ launches the matching process and its goal is to find one party that best matches with it, from the rest of the parties $P_2 \ldots P_N$ which are called candidates. Each party $P_i$'s profile consists of a set of attributes $S_i$, which can be strings up to a certain length. $P_1$ defines a matching query to be a subset of $S_1$, and in the following we use $S_1$ to denote the query unless specified. Also, we denote $n = |S_1|$ and $m = |S_i|$, $i > 1$, assuming each candidate has the same set size for simplicity.

There could be various definitions of match. In this paper, to keep it simple, we consider $|S_1 \cap S_i| > 0$ as match (same with [4]). The best match, $P_i$, is defined as the party having the maximum intersection set size with $P_1$. $P_1$ will first find out $P_i$ via our protocols, and then they decide whether to connect with each other based on their actual intersection set. For the network, we assume devices communicate through wireless interfaces such as Bluetooth or WIFI. For simplicity, we assume every participating device is in the communication range of each other. In addition, we assume that a secure communication channel has been established between each pair of users, which can be done easily if each device has public/private key pair. Otherwise, we can use the group device pairing technique [6] to establish pairwise session keys. We do not assume the existence of a trusted third party during the protocol run; all parties carry out profile matching in a completely distributed way. They may cooperate with each other, i.e., when $P_1$ runs the protocol with each $P_i$, a subset of the rest of parties would help them to compute their results.

A. Adversary Model

An outsider can eavesdrop the communication channel or modify, replay and inject messages; however it is not our main focus to prevent against active attacks from outsiders. From now on, we will deal with insiders who are participators of the matching protocol. An insider's goal is to conduct user profiling, i.e., obtain as much personal profile information of other nearby users as possible. With a user's attributes, a bad guy could correlate and identify that user via its MAC addresses or public keys. However, we cannot absolutely prevent user profiling, because at least the initiator and its best matching user will mutually learn the intersection set between them to make connections. Thus we focus on minimizing the amount of private information revealed in one protocol run. The parties could try to learn more information than allowed, by either inferring from the results but honestly following the protocol, or actively deviating from it. The former corresponds to the honest-but-curious (HBC) model, while the latter corresponds to the malicious model [7]. In this paper, the proposed protocols are proven secure under the HBC model; although not proven secure under the malicious model, we analyze a number of active attacks and show how they are secure against them. The adversary may act alone (be any single party) or several parties may collude. We assume that the size of a coalition is smaller than a threshold $t$, where $t$ is a parameter. And we shall also assume $N \ge 2t + 1$ for our proposed schemes.

B. Design Goals

1. Security Goals

Our main security goal is to thwart user profiling attack. Since the users may have different privacy requirements and it takes different amount of efforts in protocol run to achieve them, we hereby define three levels of privacy where a higher level leaks less information to the adversaries. Note that, by default, all of the following include letting $P_1$ and the best match $P_i$ learn the intersection set between them at the end of a protocol run.

Definition 1 (Privacy Level 1 (PL-1))

When the protocol ends, $P_1$ and each candidate $P_i$, $2 \le i \le N$, mutually learn the intersection set between them: $I_{1,i} = S_1 \cap S_i$. An adversary $A$ (whose behavior is defined in Sec. II-B) should learn nothing beyond what can be derived from the above outputs and its private inputs. If we assume the adversary has unbounded computing power, PL-1 actually corresponds to unconditional security for all the parties under the HBC model. Obviously, in PL-1, $P_1$ can obtain all candidates' intersection sets just in one protocol run. Thus it reveals too much user information to the attacker if he assumes the role of $P_1$. Therefore we define privacy level 2 in the following.

Definition 2 (Privacy Level 2 (PL-2))


When the protocol ends, $P_1$ and each candidate $P_i$, $2 \le i \le N$, mutually learn the size of their intersection set: $m_{1,i} = |S_1 \cap S_i|$. In addition, the best match $P_i$ is allowed to know the $m_{1,i}$ values with other $P_i$'s. The adversary $A$ should learn nothing beyond what can be derived from the above outputs and its private inputs. In PL-2, except when $m_{1,i} = |S_1|$ or $|S_i|$, $P_1$ and each $P_i$ both will not learn exactly which attributes are in $I_{1,i}$. The additional information for $P_i$ is intended for it to learn whether itself is the best match under active attacks. In PL-2, the adversary needs to run the protocol multiple times to obtain the same amount of information with what he can obtain under PL-1 when he assumes the role of $P_1$. However, PL-2 still allows $A$ to guess which attributes are in the matching set with non-negligible probability, especially when the attribute sets are small.

Definition 3 (Privacy Level 3 (PL-3))

When the protocol ends, $P_1$ and each $P_i$ should only learn the ranks of each value $m_{1,i}$, $2 \le i \le N$. $A$ should learn nothing more than what can be derived from the outputs and its private inputs. In PL-3, we can require that $P_1$ only contacts the best match $P_i$, such that it only obtains the intersection set $I_{1,i}$ with the best match. If there is a tie, then the party with lowest ID is chosen as the best match. In this way, $A$ will need at least $N - 1$ protocol runs to learn all other users' exact profile attributes, and thus $A$'s profiling capability is much limited.

2. Usability and Efficiency

For profile matching in MSN, it is desirable to involve as few human interactions as possible. In this paper, human user only needs to explicitly participate in the end of the protocol run, e.g., decide whether to connect when he/she becomes the best match. In addition, the system design should be lightweight and practical, i.e., being efficient enough in computation and communication to be used in MSN. Finally, the users (especially the candidates) shall have the option to flexibly personalize their privacy levels.

A. Challenges

It is very challenging to achieve all the design goals simultaneously, especially if we desire high level of security but are unwilling to pay the high costs of computation and communication. Similar problems to ours can be found in the literature, namely private set intersection (PSI) and private cardinality of set intersection (PCSI) [7], and they are mostly tackled under the framework of Secure Multi-party Computation (SMC). The general SMC techniques [8] are often far from efficient. Researchers have proposed various customized solutions for those problems, but when applied to the ones defined here, they lead to high energy consumption and long protocol run time. In this paper, we explore novel methods with higher efficiency, while achieving reasonable security (resist a threshold number of colluders).

E. Relations to Existing Problems

In PL-1, each sub-protocol (between $P_1$ and $P_i$) relates to the two-party PSI problem [7], [9], [10], while the PL-2 relates to two-party PCSI [7], [9], [11]. PL-3 is most related to the privacy-preserving nearest neighbor search problem [12], [13]. Unlike most existing problems in PSI and PCSI, we require the output of the sub-protocol between $P_1$ and each $P_i$ be secret-shared between them, so that the result can be revealed to both party at once to prevent cheating. This turns out to be an essential idea to minimize user profiling under malicious behavior. In addition, we define our security under the threshold cryptography model, which allows us to explore more efficient solutions. Finally, our problems are defined under the distributed setting, where there is no client-server relationship nor any central party. Such framework is applicable to many scenarios beyond the motivating problems in this paper.

A. Overview

We present two protocols that aim at realizing one level of privacy requirement each. We start with the basic scheme realizing PL-1. We base our idea on the FNP scheme [7], but use secret sharing to compute polynomial evaluation securely. At a high level, for $P_1$ and each $P_i$ ($2 \le i \le N$), their inputs are shared among a subset $\mathcal{P}_i$ of $2t + 1$ parties (the computing set) using $(t, 2t + 1)$-SS, based on which they cooperatively compute shares of the function $F_i(x_j) = R_{ij} f_i(x_j) + x_j$ for each $1 \le j \le n$, where $f_i(y)$ is the polynomial representing $P_i$'s set, and $R_{ij}$ is a random number jointly generated by $P_1$ and $P_i$ but not known to any party. We have $x_j \in I_{1,i}$ iff $F_i(x_j) = x_j$. The values of $\{F_i(x_j)\}_{1 \le j \le n}$ remain in secret shared forms between $P_1$ and $P_i$ before their shares are revealed to each other, to provide verifiability. To reduce the communication complexity, we propose an


enhancement to the secure polynomial evaluation computation.

For PL-2, the advanced scheme achieves efficient PCSI. The main idea is that the parties in $\mathcal{P}_i$ first compute the $(t, 2t+1)$-shares of the function $F_i(x_j) = R_{ij} f_i(x_j)$, $1 \le j \le n$, securely using the basic scheme, whereas $x_j \in I_{1,i}$ iff $R_{ij} f_i(x_j) = 0$. In order to blind from $P_1$ the correspondence between its inputs $\{x_j\}$ ($j \in \{1, \ldots, n\}$) and the outputs $F_i(x_{j'})$ ($j' \in \{1, \ldots, n\}$), we employ a blind-and-permute (BP) method. To reduce the number of invocations of the BP protocol, we use share conversion to convert the $(t, t+1)$-shares of $\{F_i(x_j)\}_{1 \le j \le n}$ (held by parties in the reconstruction set $\mathcal{P}'_i$) into $(2, 2)$-shares shared between $P_1$ and $P_i$, so that only one BP invocation is needed between $P_1$ and each $P_i$. The security of both the basic and advanced schemes is proven. Finally, we also discuss possible solutions to achieve PL-3, and leave practical solutions that achieve PL-3 as future work.

The SMC has been a problem that has attracted the attention of scholars and the industry for quite some time. Although a vast amount of work has been done upon the subject, the perpetual implementation of the endeavors has only yielded a perennial hornet's nest. Having said that, it should be acknowledged that to compute results upon data whose source is not known is not child's play; and the works undertaken until now have served a great purpose in enlightening the industry of the subtleties of this so-called SMC problem. Thus motivated with the intention of solving this SMC problem we proposed a new protocol Encrytpo_Random through which we had put forward what we perceived to be the most appropriate and seemingly plausible solution to the SMC conundrum. The methodology followed was quite elementary yet very comprehensible. Encrytpo_Random worked on a two layer basis; it consisted of the parties (1st layer) who aspire to draw out a result collectively and, being apprehensive of each other's intentions, appoint an assumedly unbiased third party (2nd layer) to carry out the computation and announce the result.

In Extended Encrytpo_Random the domain of the 2nd layer has been extended from a single third-party to multiple third-parties, from whom a single entity is chosen at run time and given the responsibility of performing the required computation. A proposal sounds overtly hyperbolic without a thorough layout of the architecture to aptly implement it. Thus, here we also present a meticulously worked-out architecture to realize the protocols and also to showcase and answer the pertinent queries that are bound to arise in the minds of the audience. The modus-operandi of the protocol deters the bodies involved to exhibit any malicious conduct by presenting thoroughly planned impediments in the path of the transfer of data among themselves. The security of information of the parties is of utmost importance in any approach seeking to solve the SMC enigma. In our protocols we have taken adequate precautions so as to guarantee the security of data of the involved parties. Instead of sending the entire data blocks the parties break them into packets and randomly distribute amongst themselves, for a stipulated number of times. Provisions have been done so as to ensure that the parties do not get to know whose data packets they are forwarding, and in stark contrast, the third party also doesn't have even a Lilliputian hint as to whose data packet a particular party is sending. This necessitates the need of a secure channel to transfer the data packets which have been dealt with in the deftly formed and apposite architecture. To further conceal the identity of the data packets we apply an encrypting function upon the data packets; these encrypting functions also reach to the third party through the same path and are used to decode the packets and rearrange them to form data blocks.

IV. IMPLEMENTATION

1. Security

Since the users may have different privacy requirements and it takes different amount of efforts to achieve them, we hereby (informally) define two levels of privacy where the higher level leaks less information to the adversaries.

2. Usability and Efficiency

For profile matching in MSN, it is desirable to involve as few human interactions as possible. In this paper, a human user only need to explicitly participate in the end of the protocol run, e.g., decide whom to connect to base on the common interests. In addition, the system design should be lightweight and practical, i.e., being enough efficient in computation and communication to be used in MSN. Finally, different


users (especially the candidates) shall have the option to flexibly personalize their privacy levels.

Shamir secret sharing scheme

Secret sharing schemes are multi-party protocols related to key establishment. The original motivation for secret sharing was the following. To safeguard cryptographic keys from loss, it is desirable to create backup copies. The greater the number of copies made, the greater the risk of security exposure; the smaller the number, the greater the risk that all are lost. Secret sharing schemes address this issue by allowing enhanced reliability without increased risk.

Preventing Malicious Attacks.

Our protocols in this paper are only proven secure in the HBC model; it would be interesting to make them secure under the stronger malicious model, i.e., to prevent an adversary from arbitrarily deviating from a protocol run. We showed that with an additional commitment round before final reconstruction (which adds little additional overhead), a specific type of set inflation attack can be easily prevented, in which a malicious user influences the final output in her favour by changing her shares after seeing those of others.

V. CONCLUSION

Secure Multi-Party Computation is a well-researched topic. Quite a few protocols already exist, and work is going on on another handful. Through Extended EncryptoRandom we have endeavored to present a concept that emphasizes the need to keep the structure of the proposed solution to the problem very forthright so as to avoid ambiguities, while at the same time ensuring the security of information by taking efficient and intricate measures. The data is first distributed and then sent forward, assuring that no party becomes a victim of sabotage by other parties and also that no party gets undue privilege, as the sole responsibility for the computation process is not vested in a single entity. The encrypted nature of the data further hinders any possibility of spiteful conduct. The possibility of collaborative malefic behavior by some party and the TTP has been completely curbed by concealing the identity of the TTP until runtime. Our protocol also reduces the complexities that are encountered in three and four layer protocols.

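The commitment round described under Preventing Malicious Attacks, sketched on top of Shamir sharing as an added example (not code from the paper): each party publishes a hash commitment to her share before any share is revealed, so a share changed after seeing the others fails verification and is excluded from reconstruction. The field prime, the SHA-256 commitment, the party names and the secret value are assumptions made for this illustration.

```python
import hashlib
import secrets

P = 2**127 - 1  # prime modulus of the share field (assumed for this example)

def make_shares(secret, t, n):
    """Split secret into n Shamir shares; any t of them reconstruct it."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t - 1)]
    evaluate = lambda x: sum(c * pow(x, k, P) for k, c in enumerate(coeffs)) % P
    return [(x, evaluate(x)) for x in range(1, n + 1)]

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over GF(P)."""
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

def commit(share, nonce):
    """Hash commitment to one share; the nonce stays private until opening."""
    x, y = share
    return hashlib.sha256(nonce + x.to_bytes(4, "big") + y.to_bytes(16, "big")).digest()

def open_and_reconstruct(commitments, openings, t):
    """Accept only openings that match the earlier commitments, then reconstruct."""
    good, cheaters = [], []
    for party, (share, nonce) in openings.items():
        if secrets.compare_digest(commit(share, nonce), commitments[party]):
            good.append(share)
        else:
            cheaters.append(party)
    if len(good) < t:
        raise ValueError("not enough verified shares to reconstruct")
    return reconstruct(good[:t]), cheaters

def demo():
    shares = make_shares(424242, t=3, n=5)  # constructed secret
    held = {f"P{i}": (s, secrets.token_bytes(32)) for i, s in enumerate(shares, 1)}
    commitments = {p: commit(s, r) for p, (s, r) in held.items()}  # round 1: commit
    (x, y), r = held["P2"]  # round 2: P2 alters her share before opening it
    held["P2"] = ((x, (y + 1) % P), r)
    return open_and_reconstruct(commitments, held, t=3)
```

Calling `demo()` returns the original secret together with the list of parties whose openings did not match their commitments.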