Dr. Bhavani Thuraisingham January 14, 2011 Building Trustworthy Semantic Webs Lecture #1: Introduction to Trustworthy Semantic Web
12-2 1/25/ :43 Outline 0 Data and Applications Security -Developments and Directions 0 Secure Semantic Web -XML Security; Other directions 0 Some Emerging Secure DAS Technologies -Secure Sensor Information Management; Secure Dependable Information Management 0 Some Directions for Privacy Research -Data Mining for handling security problems; Privacy vs. National Security; Privacy Constraint Processing; Foundations of the Privacy Problem 0 What are the Challenges?
12-3 1/25/ :43 Developments in Data and Applications Security: Present 0 Access Control for Systems R and Ingres (mid 1970s) 0 Multilevel secure database systems (1980 – present) -Relational database systems: research prototypes and products; Distributed database systems: research prototypes and some operational systems; Object data systems; Inference problem and deductive database system; Transactions 0 Recent developments in Secure Data Management (1996 – Present) -Secure data warehousing, Role-based access control (RBAC); E- commerce; XML security and Secure Semantic Web; Data mining for intrusion detection and national security; Privacy; Dependable data management; Secure knowledge management and collaboration
12-4 1/25/ :43 Developments in Data and Applications Security: Multilevel Secure Databases - I 0 Air Force Summer Study in Early systems based on Integrity Lock approach 0 Systems in the mid to late 1980s, early 90s -E.g., Seaview by SRI, Lock Data Views by Honeywell, ASD and ASD Views by TRW -Prototypes and commercial products -Trusted Database Interpretation and Evaluation of Commercial Products 0 Secure Distributed Databases (late 80s to mid 90s) -Architectures; Algorithms and Prototype for distributed query processing; Simulation of distributed transaction management and concurrency control algorithms; Secure federated data management
12-5 1/25/ :43 Developments in Data and Applications Security: Multilevel Secure Databases - II 0 Inference Problem (mid 80s to mid 90s) -Unsolvability of the inference problem; Security constraint processing during query, update and database design operations; Semantic models and conceptual structures 0 Secure Object Databases and Systems (late 80s to mid 90s) -Secure object models; Distributed object systems security; Object modeling for designing secure applications; Secure multimedia data management 0 Secure Transactions (1990s) -Single Level/ Multilevel Transactions; Secure recovery and commit protocols
12-6 1/25/ :43 Some Directions and Challenges for Data and Applications Security - I 0 Secure semantic web -Security models 0 Secure Information Integration -How do you securely integrate numerous and heterogeneous data sources on the web and otherwise 0 Secure Sensor Information Management -Fusing and managing data/information from distributed and autonomous sensors 0 Secure Dependable Information Management -Integrating Security, Real-time Processing and Fault Tolerance 0 Data Sharing vs. Privacy -Federated database architectures?
12-7 1/25/ :43 Some Directions and Challenges for Data and Applications Security - II 0 Data mining and knowledge discovery for intrusion detection -Need realistic models; real-time data mining 0 Secure knowledge management -Protect the assets and intellectual rights of an organization 0 Information assurance, Infrastructure protection, Access Control -Insider cyber-threat analysis, Protecting national databases, Role-based access control for emerging applications 0 Security for emerging applications -Geospatial, Biomedical, E-Commerce, etc. 0 Other Directions -Trust and Economics, Trust Management/Negotiation, Secure Peer-to-peer computing,
12-8 1/25/ :43 Coalition Data and Policy Sharing Export Data/Policy Component Data/Policy for Agency A Data/Policy for Federation Export Data/Policy Component Data/Policy for Agency C Component Data/Policy for Agency B Export Data/Policy
12-9 1/25/ :43 Other Topics 0 Secure Semantic Web 0 Secure Cloud Computing 0 Mobile code security 0 Vulnerability Analysis 0 Infrastructure security -Power grid 0 Healthcare Security 0 Financial Security
/25/ :43 Semantic Web: Overview 0 According to Tim Berners Lee, The Semantic Web supports -Machine readable and understandable web pages -Enterprise application integration -Nodes and links that essentially form a very large database Premise: Semantic Web Technologies = XML, RDF, Ontologies, Rules Applications: Web Database Management, Web Services, Information Integration
/25/ :43 Layered Architecture for Dependable Semantic Web XML, XML Schemas Rules/Query Logic, Proof and Trust TRUSTTRUST Other Services RDF, Ontologies URI, UNICODE PRIVACYPRIVACY 0 Adapted from Tim Berners Lee’s description of the Semantic Web
/25/ :43 Relationships between Dependability, Confidentiality, Privacy, Trust Dependability Confidentiality Privacy Trust Dependability: Security, Privacy, Trust, Real-time Processing, Fault Tolerance; also sometimes referred to as “Trustworthiness” Confidentiality: Preventing the release of unauthorized information considered sensitive Privacy: Preventing the release of unauthorized information about individuals considered sensitive Trust: Confidence one has that an individual will give him/her correct information or an individual will protect sensitive information
/25/ :43 What is XML all about? 0 XML is needed due to the limitations of HTML and complexities of SGML 0 It is an extensible markup language specified by the W3C (World Wide Web Consortium) 0 Designed to make the interchange of structured documents over the Internet easier 0 Key to XML is Document Type Definitions (DTDs) -Defines the role of each element of text in a formal model 0 Allows users to bring multiple files together to form compound documents
/25/ :43 Example XML Document Patents Funds Year: 2002 Name: U. Of X Expenses Name: CS titleAuthor ID Asset report Assets Dept Equipment news Patent Other assets Grants Contracts
/25/ :43 Specifying User Credentials in XML Alice Brown University of X CS Security John James University of X CS Senior
/25/ :43 Specifying Security Policies in XML <policy-spec cred-expr = “//Professor[department = ‘CS’]” target = “annual_ report.xml” path = = ‘CS’]//Node()” priv = “VIEW”/> <policy-spec cred-expr = “//Professor[department = ‘CS’]” target = “annual_ report.xml” path = = ‘EE’] /Short-descr/Node() and //Patent = ‘EE’]/authors” priv = “VIEW”/> <policy-spec cred-expr = Explantaion: CS professors are entitled to access all the patents of their department. They are entitled to see only the short descriptions and authors of patents of the EE department
/25/ :43 RDF 0 Resource Description Framework is the essence of the semantic web 0 Adds semantics with the use of ontologies, XML syntax 0 RDF Concepts - Basic Model =Resources, Properties and Statements -Container Model =Bag, Sequence and Alternative
/25/ :43 Ontology Mappings 0 Common definitions for any entity, person or thing 0 Several ontologies have been defined and available for use 0 Defining common ontology for an entity is a challenge 0 Mappings have to be developed for multiple ontologies 0 Specific languages have been developed for ontologies including RDF and OIL (Ontology Interface Language)
/25/ :43 Rules Processing User Interface Manager Constraint Manager Rules/ Constraints Query Processor: Constraints during query and release operations Update Processor: Constraints during update operation XML Database Design Tool Constraints during database design operation XML Database XML Document Manager
/25/ :43 Rule-Processing (Concluded) Policies Ontologies Rules Semantic Web Engine XML, RDF Documents Web Pages, Databases Inference Engine/ Rules Processor Interface to the Semantic Web Technology By W3C
/25/ :43 Semantic Web Database Management 0 Database access through the semantic web -XML, RDF technologies 0 Query, indexing and transaction management for web databases -E.g., New kinds of transaction models for E-commerce applications -Index strategies for unstructured data 0 Query languages and data models -XML has become the standard document interchange language 0 Managing XML/RDF databases on the web -XML-QL, Extensions to XML, Query and Indexing strategies
/25/ :43 Web Services 0 Web Services are about services on the web for carrying out many functions including directory management, source location, subscribe and publish, etc. 0 Web services description language (WSDL) exists for web services specification 0 Web services architectures have been developed 0 Challenge now is to compose web services; how do you integrate multiple web services and provide composed web service in a seamless fashion 0 Ultimate goal is to have web services for information integration
/25/ :43 Web service architecture Service requestor Service providers UDDI Publish Query Answer Request the service
/25/ :43 Secure Web Service Architecture Confidentiality, Authenticity, Integrity Service requestor Service provider UDDI Query BusinessEntity BusinessService BindingTemplate BusinessService tModel PublisherAssertion
/25/ :43 Example Web Service 0 Publish/Subscribe Service
/25/ :43 Information Integration 0 Data Integration: -Integrate the data from the heterogeneous databases and data sources =Challenges: Common data model, Mappings between data models, Schema integration, Semantic heterogeneity, Handling heterogeneous query models, transaction strategies, security policies, etc. 0 Information Integration -Integrate heterogeneous information sources 0 Knowledge integration -Integrate heterogeneous knowledge sources