Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security in semantic web Hassan Abolhassani, Leila Sharif Sharif university of technology

Published byMeagan Willis Modified over 9 years ago

Similar presentations

Presentation on theme: "Security in semantic web Hassan Abolhassani, Leila Sharif Sharif university of technology"— Presentation transcript:

1 Security in semantic web Hassan Abolhassani, Leila Sharif Sharif university of technology abolhassani@sharif.ir

2 Outline ● Semantic Web: a short introduction ● Security model in html document based web ● Security issues in a sample semantic web ● Analysis of solutions ● Query reformulation: centralized version ● Query reformulation: distributed version ● Security aware inference engine

3 Semantic web ● Bringing meaning to the web ● Overcome the limitation of current web – Machine processing is not possible – Search engines returns a lot of un-related results ● Impossible using current web: – Find information about animals that use sonar but are not either bats or dolpines – Finding (best) prices of goods and services – Delegating task to agents: Book me a holiday next weekend somewhere warm not too far away

4 Syntatic web

5 Semantic web layers

6 Focus of this work

7 Outline ● Semantic Web: a short introduction ● Security model in html document based web ● Security issues in a sample semantic web ● Analysis of solutions ● Query reformulation: centralized version ● Query reformulation: distributed version ● Security aware inference engine

8 Simplified security model of the current web ● A page as a whole is subject to security ● All the concepts in a page is treated equally ● Searches return references to pages, not to concepts ● This model is not applicable to semantic web

9 Outline ● Semantic Web: a short introduction ● Security model in html document based web ● Security issues in a sample semantic web ● Analysis of solutions ● Query reformulation: centralized version ● Query reformulation: distributed version ● Building security aware inference engine

10 A sample semantic web ● company1 has name1 as its name ● person1 is the president of the company1 ● this person has phone1 as his personal phone and phone2 as his office phone ● the company has partner1 as one of its partners ● partner1 has product1 with name1 and price1 as its name and price respectively ●...

11 A sample semantic web (cont.)

12 Example queries (in OWL/QL) ● Finding the “personalPhone” number of the president of “company1”: Query: (“What is the personalPhone of president of company1”) Query Pattern: {(c:president company1 ?person) (p:personalPhone ?person ?phone)} Must-Bind Variables List: (?phone) May-Bind variables List: () Don't-Bind Variables List: () Answer Pattern: {(p:personalPhone “president of company1” ?phone)}

13 Example queries (in OWL/QL) ● Finding the “personalPhone” number of the president of “company1”: Query: (“What is the personalPhone of president of company1”) Query Pattern: {(c:president company1 ?person) (p:personalPhone ?person ?phone)} Must-Bind Variables List: (?phone) May-Bind variables List: () Don't-Bind Variables List: () Answer Pattern: {(p:personalPhone “president of company1” ?phone)} Is anybody's access to personal phone number of president of company ok?

14 Example queries (in OWL/QL) ● Finding a provider company that provides product1 Query: (“What partner provides product1”) Query Pattern: {(c:partner company1 ?partner) (c:product ?partner prd:product1)} Must-Bind Variables List: (?partner) May-Bind variables List: () Don't-Bind Variables List: () Answer Pattern: {(prd:prduct ?partner prd:product1)}

15 Example queries (in OWL/QL) ● Finding a provider company that provides product1 Query: (“What partner provides product1”) Query Pattern: {(c:partner company1 ?partner) (c:product ?partner prd:product1)} Must-Bind Variables List: (?partner) May-Bind variables List: () Don't-Bind Variables List: () Answer Pattern: {(prd:prduct ?partner prd:product1)} Is anybody's access to partner information ok?

16 Differences between traditional web and semantic web security ● Concepts are linked not web pages ● Query instead of search ● A query processor traverses a semantic web graph ● For each node in the graph a different access previlage may be assigned ● We don't want to repeat current web limitations ● Each different site has its own logon facility ● Single sign-on is introduced to solve this ● How to add security to SW?

17 Outline ● Semantic Web: a short introduction ● Security model in html document based web ● Security issues in a sample semantic web ● Analysis of solutions ● Query reformulation: centralized version ● Query reformulation: distributed version ● Building security aware inference engine

18 Ad-hoc solution ● Create several semantic webs: ● Separate non-public and public information ● This works but is not a general solution: ● Results in redundant information: creation, maintenamce, and other problems. ● It is not feasible when we have a distributed model (query processor should know about all security measures of involving sites)

19 Query reformulation (filtering) ● Using OWL/QL features of variable binding

20 Query reformulation (cont.) ● Merits: ● Easy to implement ● Has not a significant overhead on query processing ● Demerits ● Not applicable when a semantic model is distributed

21 Distributed query reformulation Query pattern Query processor Site1 filtering agent Site2 filtering agent SiteN filtering agent Query pattern Filtered Query pattern

22 Distributed query reformulation (cont.) ● Merits: ● No centeralized control on security is needed ● Applicable to semantic webs that are distributed ● Demerits ● Overhead of pre-prossesing ● The need for filtering agents at each site ● May introduce security holes (should be investigated further)

23 Security aware inference engines ● It is clear by now that the general solution is to add security at the level of inference engines ● To have a security model we need to have a formalism ● The basic formal model for SW is considered to be Description logic: ● A variable-free logic formalism ● A deciedable fragment of first-order logic ● All constructs are convertible to first-order logic unary and binary predicate

24 Security aware inference engines (cont.) ● Basic description logic AL (attributive language) description logic: Sample statements:

25 Security aware inference engines (cont.) ● Inference in Description Logic ● Tableau based reasoning algorithms has been developed ● This algorithms work based on expansion (completion) rules ● A tree is expanded starting from the original statement (i.e. Query) ● Algorithm stops when a clash appears (i.e. C and ~C in the same node)

26 Security aware inference engines (cont.) ● Example of inference

27 Security aware inference engines (cont.) ● Example of inference

28 Security aware inference engines (cont.) ● Example of inference

29 Security aware inference engines (cont.) ● Example of inference

30 Security aware inference engines (cont.) ● Example of inference

31 Security aware inference engines (cont.) ● Example of inference

32 Security aware inference engines (cont.) ● Example of inference

33 Security aware inference engines (cont.) ● Expansion rules for ALC

34 Security aware inference engines (cont.) ● Adding security semantics to expansion rules

35 Security aware inference engines (cont.) ● Security added tableau algorithm ● Output of reasoner depends on the way the processing is terminated: ● In case of a clash the output can be something like: The query is not answerable by the knowledge base ● In case of a security violation: You are not allowed to traverse parts of knowledge base needed to respond to your query apply completion rules in arbitrary order as long as possible: - stop in case of clash - stop in case of “security violation” - Terminate if no completion rule is applicable

36 Security aware inference engines (cont.) ● Merits: ● An algorithm based on a formal language ● Complexity is same as tableau ● Demerits ● ?

37 Conclusions ● Differences between security model of syntactic web and semantic web is recognized ● Several solutions proposed: ● Ad-hoc: applicable to small closed organizations ● Centeralized filtering: applicable to a small society of organizations ● Distributed filtering: applicable to any society of organizations but with preprocessing overhead ● Security aware inference engines: no limitations upto now is recognized

38 Thank you

Download ppt "Security in semantic web Hassan Abolhassani, Leila Sharif Sharif university of technology"

Similar presentations

Querying on the Web: XQuery, RDQL, SparQL Semantic Web - Spring 2006 Computer Engineering Department Sharif University of Technology.

Querying on the Web: XQuery, RDQL, SparQL Semantic Web - Spring 2006 Computer Engineering Department Sharif University of Technology.
Schema Matching and Query Rewriting in Ontology-based Data Integration Zdeňka Linková ICS AS CR Advisor: Július Štuller.

Schema Matching and Query Rewriting in Ontology-based Data Integration Zdeňka Linková ICS AS CR Advisor: Július Štuller.
The 20th International Conference on Software Engineering and Knowledge Engineering (SEKE2008) Department of Electrical and Computer Engineering

The 20th International Conference on Software Engineering and Knowledge Engineering (SEKE2008) Department of Electrical and Computer Engineering
The Logic of Intelligence Pei Wang Department of Computer and Information Sciences Temple University.

The Logic of Intelligence Pei Wang Department of Computer and Information Sciences Temple University.
CMSC 104, Version 8/061L04Algorithms1.ppt Algorithms, Part 1 of 3 Topics Definition of an Algorithm Algorithm Examples Syntax versus Semantics Reading.

CMSC 104, Version 8/061L04Algorithms1.ppt Algorithms, Part 1 of 3 Topics Definition of an Algorithm Algorithm Examples Syntax versus Semantics Reading.
CSE 425: Semantic Analysis Semantic Analysis Allows rigorous specification of a program’s meaning –Lets (parts of) programming languages be proven correct.

CSE 425: Semantic Analysis Semantic Analysis Allows rigorous specification of a program’s meaning –Lets (parts of) programming languages be proven correct.
Research topics Semantic Web - Spring 2007 Computer Engineering Department Sharif University of Technology.

Research topics Semantic Web - Spring 2007 Computer Engineering Department Sharif University of Technology.
Searching the Semantic Web. Introduction  Research Focuses: IE Ontologies (creating, languages, merging, storing, querying)  Next Sep: Using the Semantic.

Searching the Semantic Web. Introduction  Research Focuses: IE Ontologies (creating, languages, merging, storing, querying)  Next Sep: Using the Semantic.
Soft computing Lecture 6 Introduction to neural networks.

Soft computing Lecture 6 Introduction to neural networks.
Xyleme A Dynamic Warehouse for XML Data of the Web.

Xyleme A Dynamic Warehouse for XML Data of the Web.
SECTIONS 21.4 – 21.5 Sanuja Dabade & Eilbroun Benjamin CS 257 – Dr. TY Lin INFORMATION INTEGRATION.

SECTIONS 21.4 – 21.5 Sanuja Dabade & Eilbroun Benjamin CS 257 – Dr. TY Lin INFORMATION INTEGRATION.
Dynamic Ontologies on the Web Jeff Heflin, James Hendler.

Dynamic Ontologies on the Web Jeff Heflin, James Hendler.
Relational Data Mining in Finance Haonan Zhang CFWin03-37 03/04/2003.

Relational Data Mining in Finance Haonan Zhang CFWin /04/2003.
Visual Web Information Extraction With Lixto Robert Baumgartner Sergio Flesca Georg Gottlob.

Visual Web Information Extraction With Lixto Robert Baumgartner Sergio Flesca Georg Gottlob.
We Need Smart XML Processing HTML has ultra-complex semantics XML has no semantics Something must bridge the gap  A program ?  A clear set of data semantics?

We Need Smart XML Processing HTML has ultra-complex semantics XML has no semantics Something must bridge the gap  A program ?  A clear set of data semantics?
CS 331 / CMPE 334 – Intro to AI CS 531 / CMPE 531 - AI Course Outline.

CS 331 / CMPE 334 – Intro to AI CS 531 / CMPE AI Course Outline.
CIS101 Introduction to Computing Week 11. Agenda Your questions Copy and Paste Assignment Practice Test JavaScript: Functions and Selection Lesson 06,

CIS101 Introduction to Computing Week 11. Agenda Your questions Copy and Paste Assignment Practice Test JavaScript: Functions and Selection Lesson 06,
Information Extraction from HTML: General Machine Learning Approach Using SRV.

Information Extraction from HTML: General Machine Learning Approach Using SRV.
Parsing SLP Chapter 13. 7/2/2015 Speech and Language Processing - Jurafsky and Martin 2 Outline  Parsing with CFGs  Bottom-up, top-down  CKY parsing.

Parsing SLP Chapter 13. 7/2/2015 Speech and Language Processing - Jurafsky and Martin 2 Outline  Parsing with CFGs  Bottom-up, top-down  CKY parsing.
CS580: Building Web Based Information Systems Roger Alexander & Adele Howe The purpose of the course is to teach theory and practice underlying the construction.

CS580: Building Web Based Information Systems Roger Alexander & Adele Howe The purpose of the course is to teach theory and practice underlying the construction.

Similar presentations

Ads by Google