Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture #6: RDF and RDF Security Dr. Bhavani Thuraisingham

Published byἙστία Βασιλικός Modified over 5 years ago

Similar presentations

Presentation on theme: "Lecture #6: RDF and RDF Security Dr. Bhavani Thuraisingham"— Presentation transcript:

1 Lecture #6: RDF and RDF Security Dr. Bhavani Thuraisingham
Building Trustworthy Semantic Webs Lecture #6: RDF and RDF Security Dr. Bhavani Thuraisingham September 2006

2 Objective of the Unit This unit will provide an overview of RDF and then discuss some security issues

3 Outline of the Unit Why RDF? What is RDF? RDF Specifications
RDF Schema (RFDS) RDF Axiomatic Semantics and Inferencing RQL Policies in RDF Summary and Directions

4 Why RDF? XML cannot be used to specify semantics Example:
Professor is a subclass of Academic Staff Professor inherits all properties of Academic Staff RDF was specified so that the inadequacies of XML could be handled RDF uses XML Syntax Additional constructs are needed for RDF

5 RDF Resource Description Framework is the essence of the semantic web
Adds semantics with the use of ontologies, XML syntax RDF Concepts Basic Model Resources, Properties and Statements Container Model Bag, Sequence and Alternative

6 RDF Basics Resource: Everything is a resource Person, Vehicle, etc.
Property: properties describe relationships between resources E.g., Invented Statement: (Object, Property, Value) Triple Berners Lee invented the Semantic Web

7 RDF Container Model Bag: Unordered container, may contain multiple occurrences Rdf: Bag Seq: Ordered container, may contain multiple occurrences Rdf: Seq Alt: a set of alternatives Rdf: Alt

8 RDF Specification <rdf: RDF
xmlns: rdf = “ xmlns: xsd = “ xmlns: uni = “ <rdf: Description: rdf: about = “949352” <uni: name = Berners Lee</uni:name> <uni: title> Professor < uni:title> </rdf: Description> <rdf: Description rdf: about: “ZZZ” < uni: bookname> semantic web <uni:bookname> < uni: authoredby: Berners Lee <uni:authoredby> </rdf: RDF>

9 RDF Specification RDF specifications have been given for Attributes, Types Nesting, Containers, etc. How can security policies be included in the specification Example: consider the statement “Berners Les is the Author of the book Semantic Web” Do we allow access to the connection between author and book? Do we allow access to the connection but not to the author name and book name?

10 RDF Policy Specification
<rdf: RDF xmlns: rdf = “ xmlns: xsd = “ xmlns: uni = “ <rdf: Description: rdf: about = “949352” <uni: name = Berners Lee</uni:name> <uni: title> Professor < uni:title> Level = L1 </rdf: Description> <rdf: Description rdf: about: “ZZZ” < uni: bookname> semantic web <uni:bookname> < uni: authoredby: Berners Lee <uni:authoredby> Level = L2 </rdf: RDF>

11 RDF Schema Need RDF Schema to specify statements such as professor is a subclass of academic staff <rdfs: Class rdf: ID = “professor” <rdfs: comment> The class of Professors All professors are Academic Staff Members. <rdfs: subClassof rdf: resource = “academicStaffMember”/> <rdfs: Class>

12 RDF Schema: Security Policies
How can security policies be specified? <rdfs: Class rdf: ID = “professor” <rdfs: comment> The class of Professors All professors are Academic Staff Members. <rdfs: subClassof rdf: resource = “academicStaffMember”/> Level = L <rdfs: Class>

13 RDF Axiomatic Semantics
First order logic to specify formulas and inferencing Built in functions (First) and predicates (Type) Modus Ponens From A and If A then B, deduce B Example: All containers are Resources Type(?C, Container)  Type(?c, Resource) If we have Type(A, Container) then we can infer (Type A, Resource)

14 RDF Inferencing While first order logic provides a proof system, it will be computationally infeasible As a result horn clause logic was developed for logic programming; this is still computationally expensive RDF uses If then Rules IF E contains the triples (?u, rdfs: subClassof, ?v) and (?v, rdfs: subClassof ?w) THEN E also contains the triple (?u, rdfs: subClassOf, ?w) That is, if u is a subclass of v, and v is a subclass of w, then u is a subclass of w

15 RDF Query One can query RDF using XML, but this will be very difficult as RDF is much richer than XML Is there an analogy between say XQuery and a query language for RDF? RQL – an SQL-like language has been developed for RDF Select from “RDF document” where some “condition”

16 Policies in RDF How can policies be specified?
Should policies be specified as shown in the examples, extensions to RDF syntax? Should policies be specified as RDF documents? Is there an analogy to XPath expressions for RDF policies? <policy-spec cred-expr = “//Professor[department = ‘CS’]” target = “annual_ report.xml” path = = ‘CS’]//Node()” priv = “VIEW”/>

17 Example Policies Temporal Access Control
After 1/1/05, only doctors have access to medical records Role-based Access Control Manager has access to salary information Project leader has access to project budgets, but he does not have access to salary information What happens is the manager is also the project leader? Positive and Negative Authorizations John has write access to EMP John does not have read access to DEPT John does not have write access to Salary attribute in EMP How are conflicts resolved?

18 Privacy Policies Privacy constraints processing
Simple Constraint: an attribute of a document is private Content-based constraint: If document contains information about X, then it is private Association-based Constraint: Two or more documents taken together is private; individually each document is public Release constraint: After X is released Y becomes private Augment a database system with a privacy controller for constraint processing

19 Access Control Strategy
Subjects request access to RDF documents under two modes: Browsing and authoring With browsing access subject can read/navigate documents Authoring access is needed to modify, delete, append documents Access control module checks the policy based and applies policy specs Views of the document are created based on credentials and policy specs In case of conflict, least access privilege rule is enforced Works for Push/Pull modes Query Modification?

20 System Architecture for Access Control
User Pull/Query Push/result RDF- Access RDF-Admin Admin Tools Credential base Policy base RDF Documents

21 Can Thirs Party Architecture wotk for RDF Documenrtfs?
The Owner is the producer of information It specifies access control policies The Publisher is responsible for managing (a portion of) the Owner information and answering subject queries Goal: Untrusted Publisher with respect to Authenticity and Completeness checking XML Source Credential base policy base SE-RDF? Owner Publisher Reply document credentials Query User/Subject

22 RDF Databases Data is presented as RDF documents Query language: RQL
Query optimization Managing transactions on RDF documents Metadata management: RDF Schemas? Access methods and index strategies RDF security and integrity management

23 Inference/Privacy Control
Interface to the Semantic Web Technology By UTD Inference Engine/ Rules Processor Policies Ontologies Rules RDF Documents Web Pages, Databases RDF Database

24 Summary and Directions
RDF is beginning to be used Very little work on RDF security How can we specify the policies discussed in this unit in RDF? How can query modification be carried out for RDF documents? Design access control for RDF databases

Download ppt "Lecture #6: RDF and RDF Security Dr. Bhavani Thuraisingham"

Similar presentations

CH-4 Ontologies, Querying and Data Integration. Introduction to RDF(S) RDF stands for Resource Description Framework. RDF is a standard for describing.

CH-4 Ontologies, Querying and Data Integration. Introduction to RDF(S) RDF stands for Resource Description Framework. RDF is a standard for describing.
RDF Schemata (with apologies to the W3C, the plural is not ‘schemas’) CSCI 7818 – Web Technologies 14 November 2001 Van Lepthien.

RDF Schemata (with apologies to the W3C, the plural is not ‘schemas’) CSCI 7818 – Web Technologies 14 November 2001 Van Lepthien.
Dr. Bhavani Thuraisingham February 18, 2011 Building Trustworthy Semantic Webs RDF and RDF Security.

Dr. Bhavani Thuraisingham February 18, 2011 Building Trustworthy Semantic Webs RDF and RDF Security.
1 RDF Tutorial. C. Abela RDF Tutorial2 What is RDF? RDF stands for Resource Description Framework It is used for describing resources on the web Makes.

1 RDF Tutorial. C. Abela RDF Tutorial2 What is RDF? RDF stands for Resource Description Framework It is used for describing resources on the web Makes.
E © 2002 Dario Aganovic Resource Description Framework Schema (RDFS) Dario Aganovic Industrial PhD-student NPI Production Kista, Ericsson AB and Production.

E © 2002 Dario Aganovic Resource Description Framework Schema (RDFS) Dario Aganovic Industrial PhD-student NPI Production Kista, Ericsson AB and Production.
CS570 Artificial Intelligence Semantic Web & Ontology 2

CS570 Artificial Intelligence Semantic Web & Ontology 2
Shelley Powers, O’Reilly SNU IDB Lab. Hyewon Kim

Shelley Powers, O’Reilly SNU IDB Lab. Hyewon Kim
By Ahmet Can Babaoğlu Abdurrahman Beşinci.  Suppose you want to buy a Star wars DVD having such properties;  wide-screen ( not full-screen )  the extra.

By Ahmet Can Babaoğlu Abdurrahman Beşinci.  Suppose you want to buy a Star wars DVD having such properties;  wide-screen ( not full-screen )  the extra.
RDF Tutorial.

RDF Tutorial.
Dr. Alexandra I. Cristea RDF.

Dr. Alexandra I. Cristea RDF.
RDF: Data Description With HTML, the Web is for reading With XML, the Web is for processing Necessary to know  who wrote this?  who owns it?  who authorised.

RDF: Data Description With HTML, the Web is for reading With XML, the Web is for processing Necessary to know  who wrote this?  who owns it?  who authorised.
Access Control in Data Management Systems Dr. Bhavani Thuraisingham The University of Texas at Dallas Access Control and Policies in Data Management Systems.

Access Control in Data Management Systems Dr. Bhavani Thuraisingham The University of Texas at Dallas Access Control and Policies in Data Management Systems.
Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #9 Trustworthy Semantic Webs February 2010 Data and Applications Security Developments.

Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #9 Trustworthy Semantic Webs February 2010 Data and Applications Security Developments.
Dr. Bhavani Thuraisingham October 1, 2008 Building Trustworthy Semantic Webs Lecture #11: Logic and Inference Rules Semantic Web Applications.

Dr. Bhavani Thuraisingham October 1, 2008 Building Trustworthy Semantic Webs Lecture #11: Logic and Inference Rules Semantic Web Applications.
RDF (Resource Description Framework) Why?. XML XML is a metalanguage that allows users to define markup XML separates content and structure from formatting.

RDF (Resource Description Framework) Why?. XML XML is a metalanguage that allows users to define markup XML separates content and structure from formatting.
Secure Publishing of XML Documents Bhavani Thuraisingham October 29, 2010.

Secure Publishing of XML Documents Bhavani Thuraisingham October 29, 2010.
Dr. Bhavani Thuraisingham The University of Texas at Dallas Trustworthy Semantic Webs October 2013 Data and Applications Security.

Dr. Bhavani Thuraisingham The University of Texas at Dallas Trustworthy Semantic Webs October 2013 Data and Applications Security.
Trustworthy Semantic Webs Dr. Bhavani Thuraisingham The University of Texas at Dallas December 2007.

Trustworthy Semantic Webs Dr. Bhavani Thuraisingham The University of Texas at Dallas December 2007.
Secure and Selective Authentication and Access Control of XML Documents Bhavani Thuraisingham April 8, 2009 Lecture #22.

Secure and Selective Authentication and Access Control of XML Documents Bhavani Thuraisingham April 8, 2009 Lecture #22.
Dr. Bhavani Thuraisingham February 2010 Building Trustworthy Semantic Webs Lecture #14 : OWL (Web Ontology Language) and Security.

Dr. Bhavani Thuraisingham February 2010 Building Trustworthy Semantic Webs Lecture #14 : OWL (Web Ontology Language) and Security.

Similar presentations

Ads by Google