Controlled Query Evaluation over Prioritized Ontologies with Expressive Data Protection Policies

Abstract

We study information disclosure in Description Logic ontologies, in the spirit of Controlled Query Evaluation, where query answering is filtered through optimal censors maximizing answers while hiding data protected by a declarative policy. Previous works have considered limited forms of policy, typically constituted by conjunctive queries (CQs), whose answer must never be inferred by a user. Also, existing implementations adopt approximated notions of censors that might result too restrictive in the practice in terms of the amount of non-protected information returned to the users. In this paper we enrich the framework, by extending CQs in the policy with comparison predicates and introducing preferences between ontology predicates, which can be exploited to decide the portion of a secret that can be disclosed to a user, thus in principle augmenting the throughput of query answers. We show that answering CQs in our framework is first-order rewritable for \(\textit{DL-Lite}_{A} \) ontologies and safe policies, and thus in AC \(^0\) in data complexity. We also present some experiments on a popular benchmark, showing effectiveness and feasibility of our approach in a real-world scenario.