1 / 26

Secure Semantic Web: Trustworthy Data Applications and Privacy Challenges

This lecture introduces secure semantic web technologies, data security developments, challenges, and directions. Topics include data mining for security, secure databases, privacy constraints, and more.

raycoleman
Download Presentation

Secure Semantic Web: Trustworthy Data Applications and Privacy Challenges

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Building Trustworthy Semantic Webs Lecture #1: Introduction to Trustworthy Semantic Web Dr. Bhavani Thuraisingham January 14, 2011

  2. Outline • Data and Applications Security • Developments and Directions • Secure Semantic Web • XML Security; Other directions • Some Emerging Secure DAS Technologies • Secure Sensor Information Management; Secure Dependable Information Management • Some Directions for Privacy Research • Data Mining for handling security problems; Privacy vs. National Security; Privacy Constraint Processing; Foundations of the Privacy Problem • What are the Challenges?

  3. Developments in Data and Applications Security: 1975 - Present • Access Control for Systems R and Ingres (mid 1970s) • Multilevel secure database systems (1980 – present) • Relational database systems: research prototypes and products; Distributed database systems: research prototypes and some operational systems; Object data systems; Inference problem and deductive database system; Transactions • Recent developments in Secure Data Management (1996 – Present) • Secure data warehousing, Role-based access control (RBAC); E-commerce; XML security and Secure Semantic Web; Data mining for intrusion detection and national security; Privacy; Dependable data management; Secure knowledge management and collaboration

  4. Developments in Data and Applications Security: Multilevel Secure Databases - I • Air Force Summer Study in 1982 • Early systems based on Integrity Lock approach • Systems in the mid to late 1980s, early 90s • E.g., Seaview by SRI, Lock Data Views by Honeywell, ASD and ASD Views by TRW • Prototypes and commercial products • Trusted Database Interpretation and Evaluation of Commercial Products • Secure Distributed Databases (late 80s to mid 90s) • Architectures; Algorithms and Prototype for distributed query processing; Simulation of distributed transaction management and concurrency control algorithms; Secure federated data management

  5. Developments in Data and Applications Security: Multilevel Secure Databases - II • Inference Problem (mid 80s to mid 90s) • Unsolvability of the inference problem; Security constraint processing during query, update and database design operations; Semantic models and conceptual structures • Secure Object Databases and Systems (late 80s to mid 90s) • Secure object models; Distributed object systems security; Object modeling for designing secure applications; Secure multimedia data management • Secure Transactions (1990s) • Single Level/ Multilevel Transactions; Secure recovery and commit protocols

  6. Some Directions and Challenges for Data and Applications Security - I • Secure semantic web • Security models • Secure Information Integration • How do you securely integrate numerous and heterogeneous data sources on the web and otherwise • Secure Sensor Information Management • Fusing and managing data/information from distributed and autonomous sensors • Secure Dependable Information Management • Integrating Security, Real-time Processing and Fault Tolerance • Data Sharing vs. Privacy • Federated database architectures?

  7. Some Directions and Challenges for Data and Applications Security - II • Data mining and knowledge discovery for intrusion detection • Need realistic models; real-time data mining • Secure knowledge management • Protect the assets and intellectual rights of an organization • Information assurance, Infrastructure protection, Access Control • Insider cyber-threat analysis, Protecting national databases, Role-based access control for emerging applications • Security for emerging applications • Geospatial, Biomedical, E-Commerce, etc. • Other Directions • Trust and Economics, Trust Management/Negotiation, Secure Peer-to-peer computing,

  8. Coalition Data and Policy Sharing Data/Policy for Federation Export Export Data/Policy Data/Policy Export Data/Policy Component Component Data/Policy for Data/Policy for Agency A Agency C Component Data/Policy for Agency B

  9. Other Topics • Secure Semantic Web • Secure Cloud Computing • Mobile code security • Vulnerability Analysis • Infrastructure security • Power grid • Healthcare Security • Financial Security

  10. Semantic Web: Overview • According to Tim Berners Lee, The Semantic Web supports • Machine readable and understandable web pages • Enterprise application integration • Nodes and links that essentially form a very large database Premise: Semantic Web Technologies = XML, RDF, Ontologies, Rules Applications: Web Database Management, Web Services, Information Integration

  11. TRUST P R I V A C Y Logic, Proof and Trust Rules/Query Other Services RDF, Ontologies XML, XML Schemas URI, UNICODE Layered Architecture for Dependable Semantic Web • Adapted from Tim Berners Lee’s description of the Semantic Web

  12. Privacy Confidentiality Trust Dependability Relationships between Dependability, Confidentiality, Privacy, Trust Dependability: Security, Privacy, Trust, Real-time Processing, Fault Tolerance; also sometimes referred to as “Trustworthiness” Confidentiality: Preventing the release of unauthorized information considered sensitive Privacy: Preventing the release of unauthorized information about individuals considered sensitive Trust: Confidence one has that an individual will give him/her correct information or an individual will protect sensitive information

  13. What is XML all about? • XML is needed due to the limitations of HTML and complexities of SGML • It is an extensible markup language specified by the W3C (World Wide Web Consortium) • Designed to make the interchange of structured documents over the Internet easier • Key to XML is Document Type Definitions (DTDs) • Defines the role of each element of text in a formal model • Allows users to bring multiple files together to form compound documents

  14. Example XML Document Year: 2002 Asset report Name: U. Of X Assets Patents Equipment Other assets Dept Funds Patent news Name: CS Expenses Contracts ID Author title Grants

  15. Specifying User Credentials in XML <Professor credID=“9” subID = “16: CIssuer = “2”> <name> Alice Brown </name> <university> University of X <university/> <department> CS </department> <research-group> Security </research-group> </Professor> <Secretary credID=“12” subID = “4: CIssuer = “2”> <name> John James </name> <university> University of X <university/> <department> CS </department> <level> Senior </level> </Secretary>

  16. Specifying Security Policies in XML <? Xml VERSION = “1.0” ENCODING = “utf-8”?> <Policy–base> <policy-spec cred-expr = “//Professor[department = ‘CS’]” target = “annual_ report.xml” path = “//Patent[@Dept = ‘CS’]//Node()” priv = “VIEW”/> <policy-spec cred-expr = “//Professor[department = ‘CS’]” target = “annual_ report.xml” path = “//Patent[@Dept = ‘EE’] /Short-descr/Node() and //Patent [@Dept = ‘EE’]/authors” priv = “VIEW”/> <policy-spec cred-expr = - - - - <policy-spec cred-expr = - - -- </Policy-base> Explantaion: CS professors are entitled to access all the patents of their department. They are entitled to see only the short descriptions and authors of patents of the EE department

  17. RDF • Resource Description Framework is the essence of the semantic web • Adds semantics with the use of ontologies, XML syntax • RDF Concepts • Basic Model • Resources, Properties and Statements • Container Model • Bag, Sequence and Alternative

  18. Ontology Mappings • Common definitions for any entity, person or thing • Several ontologies have been defined and available for use • Defining common ontology for an entity is a challenge • Mappings have to be developed for multiple ontologies • Specific languages have been developed for ontologies including RDF and OIL (Ontology Interface Language)

  19. Rules Processing User Interface Manager XML Database Design Tool Constraints during database design operation Constraint Manager Rules/ Constraints Update Processor: Constraints during update operation Query Processor: Constraints during query and release operations XML Document Manager XML Database

  20. Rule-Processing (Concluded) Interface to the Semantic Web Technology By W3C Inference Engine/ Rules Processor Policies Ontologies Rules XML, RDF Documents Web Pages, Databases Semantic Web Engine

  21. Semantic Web Database Management • Database access through the semantic web • XML, RDF technologies • Query, indexing and transaction management for web databases • E.g., New kinds of transaction models for E-commerce applications • Index strategies for unstructured data • Query languages and data models • XML has become the standard document interchange language • Managing XML/RDF databases on the web • XML-QL, Extensions to XML, Query and Indexing strategies

  22. Web Services • Web Services are about services on the web for carrying out many functions including directory management, source location, subscribe and publish, etc. • Web services description language (WSDL) exists for web services specification • Web services architectures have been developed • Challenge now is to compose web services; how do you integrate multiple web services and provide composed web service in a seamless fashion • Ultimate goal is to have web services for information integration

  23. Publish Query UDDI Answer Request the service Service providers Web service architecture Service requestor

  24. Query UDDI Service requestor BusinessService Secure Web Service Architecture Confidentiality, Authenticity, Integrity BusinessEntity <dsig:Signature> tModel BusinessService PublisherAssertion BindingTemplate Service provider

  25. Example Web Service • Publish/Subscribe Service

  26. Information Integration • Data Integration: • Integrate the data from the heterogeneous databases and data sources • Challenges: Common data model, Mappings between data models, Schema integration, Semantic heterogeneity, Handling heterogeneous query models, transaction strategies, security policies, etc. • Information Integration • Integrate heterogeneous information sources • Knowledge integration • Integrate heterogeneous knowledge sources

More Related