Download presentation
Presentation is loading. Please wait.
Published byAdelia Montgomery Modified over 9 years ago
1
Dr. Bhavani Thuraisingham September 24, 2008 Building Trustworthy Semantic Webs Lecture #9: RDF and RDF Security
2
2 12/24/2015 07:26 Objective of the Unit 0 This unit will provide an overview of RDF and then discuss some security issues
3
3 12/24/2015 07:26 Outline of the Unit 0 Why RDF? 0 What is RDF? 0 RDF Specifications 0 RDF Schema (RFDS) 0 RDF Axiomatic Semantics and Inferencing 0 RQL 0 Policies in RDF 0 Summary and Directions 0 Examples throughout the lecture
4
4 12/24/2015 07:26 Why RDF? 0 XML cannot be used to specify semantics 0 Example: -Professor is a subclass of Academic Staff -Professor inherits all properties of Academic Staff 0 RDF was specified so that the inadequacies of XML could be handled 0 RDF uses XML Syntax 0 Additional constructs are needed for RDF
5
5 12/24/2015 07:26 RDF 0 Resource Description Framework is the essence of the semantic web 0 Adds semantics with the use of ontologies, XML syntax 0 RDF Concepts - Basic Model =Resources, Properties and Statements -Container Model =Bag, Sequence and Alternative
6
6 12/24/2015 07:26 RDF Basics 0 Resource: Everything is a resource -Person, Vehicle, etc. 0 Property: properties describe relationships between resources -E.g., Invented 0 Statement: (Object, Property, Value) Triple -Berners Lee invented the Semantic Web
7
7 12/24/2015 07:26 RDF Specification <rdf: RDF xmlns: rdf = “http://w3c.org/1999/02-22-rdf-syntax-ns#” xmlns: xsd = “http:// - - - xmlns: uni = “http:// - - - - <rdf: Description: rdf: about = “949352” Professor <rdf: Description rdf: about: “ZZZ” semantic web
8
8 12/24/2015 07:26 Example 0 The following example illustrates a part of an RDF document describing books: Building_Trustworthy_Semantic_Webs and Managing_and_Mining_Multimedia_Databases. They belong to Class ‘Book’ and have properties: author, publisher, year and ISBN. 0 0 <rdf:RDF 0 xmlns:book="http://www.example.com/book#" 0 xmlns:owl="http://www.w3.org/2002/07/owl#" 0 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 0 xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"> 0 0 Bhavani Thuraisingham 0 Auerbach Publications 0 2007
9
9 12/24/2015 07:26 Example 0 0849350808 0 0 Bhavani Thuraisingham 0 CRC Press 0 2001 0 0849300371 0
10
10 12/24/2015 07:26 RDF Schema 0 Need RDF Schema to specify statements such as professor is a subclass of academic staff <rdfs: Class rdf: ID = “professor” The class of Professors All professors are Academic Staff Members.
11
11 12/24/2015 07:26 Example 0 <The RDF schema for the above RDF document is as follows: 0 0 <rdf:RDF xmlns:owl="http://www.w3.org/2002/07/owl#" 0 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 0 xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#" 0 xmlns:wsp="http://www.w3.org/2004/08/20-ws-pol-pos/ns#"> 0 0 Book Class 0
12
12 12/24/2015 07:26 Example 0 0 Author of the book 0 0 Publisher of the book 0
13
13 12/24/2015 07:26 Example 0 0 Year of first publication of the book 0 0 ISBN of the book 0
14
14 12/24/2015 07:26 RDF Container Model 0 Bag: Unordered container, may contain multiple occurrences -Rdf: Bag 0 Seq: Ordered container, may contain multiple occurrences -Rdf: Seq 0 Alt: a set of alternatives -Rdf: Alt
15
15 12/24/2015 07:26 RDF and Security 0 RDF specifications have been given for Attributes, Types Nesting, Containers, etc. 0 How can security policies be included in the specification 0 Example: consider the statement “Berners Les is the Author of the book Semantic Web” 0 Do we allow access to the connection between author and book? Do we allow access to the connection but not to the author name and book name?
16
16 12/24/2015 07:26 RDF Policy Specification < rdf: RDF xmlns: rdf = “http://w3c.org/1999/02-22-rdf-syntax-ns#” xmlns: xsd = “http:// - - - xmlns: uni = “http:// - - - - <rdf: Description: rdf: about = “949352” Professor Level = L1 <rdf: Description rdf: about: “ZZZ” semantic web Level = L2
17
17 12/24/2015 07:26 Policy Specification 0 The examples we have discussed earlier show how certain policies may be specified for RDF documents. A more detailed example is given below. 0 0 <rdf:RDF 0 xmlns:book="http://www.example.com/book#" 0 xmlns:owl="http://www.w3.org/2002/07/owl#" 0 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 0 xmlns:rdfs="http://www.w3.org/2000/01/rdf-schema#"> 0 0 Bhavani Thuraisingham 0 Level = Secret 0 Auerbach Publications 0 Level = Confidential
18
18 12/24/2015 07:26 Policy Specification 0 2007 0 Level = Unclassified 0 0849350808 0 Level = Confidential 0 0 Level = Confidential 0 Bhavani Thuraisingham 0 Level = Secret 0 CRC Press 0 Level = Unclassified
19
19 12/24/2015 07:26 Policy Specification 0 2001 0 Level = Unclassified 0 0849300371 0 Level = Unclassified 0
20
20 12/24/2015 07:26 RDF Schema: Security Policies 0 How can security policies be specified? <rdfs: Class rdf: ID = “professor” The class of Professors All professors are Academic Staff Members. Level = L
21
21 12/24/2015 07:26 RDF Axiomatic Semantics 0 First order logic to specify formulas and inferencing -Built in functions (First) and predicates (Type) -Modus Ponens -From A and If A then B, deduce B 0 Example: All containers are Resources -Type(?C, Container) Type(?c, Resource) -If we have Type(A, Container) then we can infer (Type A, Resource)
22
22 12/24/2015 07:26 RDF Inferencing 0 While first order logic provides a proof system, it will be computationally infeasible 0 As a result horn clause logic was developed for logic programming; this is still computationally expensive 0 RDF uses If then Rules 0 IF E contains the triples (?u, rdfs: subClassof, ?v) and (?v, rdfs: subClassof ?w) THEN E also contains the triple (?u, rdfs: subClassOf, ?w) That is, if u is a subclass of v, and v is a subclass of w, then u is a subclass of w
23
23 12/24/2015 07:26 RDF Query 0 One can query RDF using XML, but this will be very difficult as RDF is much richer than XML 0 Is there an analogy between say XQuery and a query language for RDF? 0 RQL – an SQL-like language has been developed for RDF 0 Select from “RDF document” where some “condition”
24
24 12/24/2015 07:26 Policies in RDF 0 How can policies be specified? 0 Should policies be specified as shown in the examples, extensions to RDF syntax? 0 Should policies be specified as RDF documents? 0 Is there an analogy to XPath expressions for RDF policies? -
25
25 12/24/2015 07:26 Example Policies 0 Temporal Access Control -After 1/1/05, only doctors have access to medical records 0 Role-based Access Control -Manager has access to salary information -Project leader has access to project budgets, but he does not have access to salary information -What happens is the manager is also the project leader? 0 Positive and Negative Authorizations -John has write access to EMP -John does not have read access to DEPT -John does not have write access to Salary attribute in EMP -How are conflicts resolved?
26
26 12/24/2015 07:26 Privacy Policies 0 Privacy constraints processing -Simple Constraint: an attribute of a document is private -Content-based constraint: If document contains information about X, then it is private -Association-based Constraint: Two or more documents taken together is private; individually each document is public -Release constraint: After X is released Y becomes private 0 Augment a database system with a privacy controller for constraint processing
27
27 12/24/2015 07:26 Policies,in RDF 0 Now, in previous examples, we have specified policies for RDF documents. Now, can we use RDF to specify policies? That is, how can RDF be used to specify the following policy? 0 “Only those attending a class from a professor has read access to the lecture notes of the professor” 0 Below we specify this policy in RDF. 0 0 xmlns:uni=http://www.w3.org/2002/07/universityonto# 0 xmlns:policy="http://www.example.com/policyonto#" 0 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> 0 0 Bhavani Thuraisingham 0
28
28 12/24/2015 07:26 Policies in RDF 0 <rdf:RDF 0 xmlns:uni=http://www.w3.org/2002/07/universityonto# 0 xmlns:policy="http://www.example.com/policyonto#" 0 xmlns:rdf=http://www.w3.org/1999/02/22-rdf-syntax-ns#> 0 0 Bhavani Thuraisingham 0
29
29 12/24/2015 07:26 Access Control Strategy 0 Subjects request access to RDF documents under two modes: Browsing and authoring -With browsing access subject can read/navigate documents -Authoring access is needed to modify, delete, append documents 0 Access control module checks the policy based and applies policy specs 0 Views of the document are created based on credentials and policy specs 0 In case of conflict, least access privilege rule is enforced 0 Works for Push/Pull modes 0 Query Modification?
30
30 12/24/2015 07:26 System Architecture for Access Control User Pull/Query Push/result RDF Documents RDF- Access RDF-Admin Admin Tools Policy base Credential base
31
31 12/24/2015 07:26 RDF Databases 0 Data is presented as RDF documents 0 Query language: RQL 0 Query optimization 0 Managing transactions on RDF documents 0 Metadata management: RDF Schemas? 0 Access methods and index strategies 0 RDF security and integrity management
32
32 12/24/2015 07:26 RDF Databases 0 select Book, NumInStock 0 from {Book} book:authoredBy {Author} 0. book:Stock {NumInStock} 0 Where Author Like “Bhavani*” 0 using namespace 0 book = http://www.example.com/book# 0 The requestor does not have access to the number of book copies in the stock. Therefore, new modified Query: 0 select Book 0 from {Book} book:authoredBy {Author} 0 Where Author Like “Bhavani*” 0 using namespace 0 book = http://www.example.com/book#
33
33 12/24/2015 07:26 Inference/Privacy Control Policies Ontologies Rules RDF Database RDF Documents Web Pages, Databases Inference Engine/ Rules Processor Interface to the Semantic Web Technology By UTD
34
34 12/24/2015 07:26 Summary and Directions 0 RDF is beginning to be used 0 Very little work on RDF security 0 How can we specify the policies discussed in this unit in RDF? 0 How can query modification be carried out for RDF documents? 0 Design access control for RDF databases
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.