200 likes | 436 Views
Secure Knowledge Management and Trustworthy Semantic Web Technologies. Dr. Bhavani Thuraisingham The University of Texas at Dallas. December 2008. What is Knowledge Management?.
E N D
Secure Knowledge Management and Trustworthy Semantic Web Technologies Dr. Bhavani Thuraisingham The University of Texas at Dallas December 2008
What is Knowledge Management? • Knowledge management, or KM, is the process through which organizations generate value from their intellectual property and knowledge-based assets • KM involves the creation, dissemination, and utilization of knowledge • Reference: http://www.commerce-database.com/knowledge-management.htm?source=google
Knowledge Management Components Knowledge Components of Management: Components, Cycle and Technologies Cycle: Technologies: Components: Knowledge, Creation Expert systems Strategies Sharing, Measurement Collaboration Processes And Improvement Training Metrics Web
Knowledge Models • Level 1: Highest Level • Mental models utilized by psychologists • Social models (e.g. social network models) used by sociologists • Level 2: Mid-level • Models utilized by expert systems • Process modeling • Level: Bottom level • Models understood by machines • E.g., rule-based, frame-based, etc.
Organizational Learning Process Diffusion - Tacit, Explicit Integration Modification Identification Creation Metrics Action Incentives Source: Reinhardt and Pawlowsky also see: Tools in Organizational Learning http://duplox.wz-berlin.de/oldb/forslin.html
Knowledge Management Metrics - The Goal of Metrics • Measuring Success (How am I doing?) • Benchmarking (How am I comparatively doing?) • Tracking Improvement (Am I getting better?) • Direct • future investment (technology, employees) • strategy • alignment (culture, incentives) “One way to ensure your doing worse is to not measure” - Adapted from Pressman
Learning By-Product Measures • Papers in Competitive Journals and Magazines • Percentage New Technology compared to all Technology • Process Cycle Time • Employee Surveys • Involvement with decisions • Recognition for work achieved • Access to information • Rewarding risk taking • Overall Satisfaction • Employee Retention • ‘Employee Suggestion Process
Knowledge Management: Incentive-based Approaches • Receiver • Positive Incentives • Knowledge Gained • Can teach others what is learned • Teacher • Positive Incentives • “Knowledge Transfer Champion” prestige • Can improve knowledge • Negative Incentives • Time • Unqualified teacher • Negative Incentives • Time • Students not willing to learn
Knowledge Management: Strategies, Processes, Metrics and Tools Knowledge Management: Within and Across Corporations and Agencies Strategies e.g., Management Plans; Policies; Data sharing vs. Privacy Processes e.g., best practices Tools e.g., Semantic Web Metrics e.g., web usage
Knowledge Management Architecture Knowledge Creation and Acquisition Manager Knowledge Representation Manager Knowledge Dissemination and Sharing Manager Knowledge Manipulation Manager
Secure Knowledge Management • Protecting the intellectual property of an organization • Access control including role-based access control • Security for process/activity management and workflow • Users must have certain credentials to carry out an activity • Composing multiple security policies across organizations • Security for knowledge management strategies and processes • Risk management and economic tradeoffs • Digital rights management and trust negotiation
Trust Management and Negotiation • Design a Trust Model • Investigate the current trust models. Identify the inadequacies of current trust models and design a model for the semantic web/DIVO • Components include trust management, trust negotiation as well as economic tradeoffs • Design a Language for specifying Trust policies • Start with XML, RDF and Web Rules language and incorporate features for trust management and negotiation • Design and develop techniques for enforcing the trust policies • Automated Trust Negotiation: A attempts to access database D based on access control policies; However before A can access D, triggers go off and owner of D exchanges credential information with A (
Semantic E-Business • E-Business processes (e.g., order management, supply chain management, contracts management, workflow management) • Service oriented architectures • Apply semantic web technologies such as XML, RDF, Ontologies and RulesML to represent data and reason about the data for the e-business processes • Results in effective knowledge management as organization is getting benefits • The topic is called Semantic E-Business • IEEE Transactions on Systems, Man and Cybernetics, March 2006
Trustworthy Semantic Web Technologies • Beyond XML Security • Why do we need RDF, OWL Security? • Why do we need RDF and OWL? • More expressive as well as reasoning power than XML • Inferencing capabilities • Policies can be expressed in RDF and OWL • Need to secure RDF and OWL documents • Inference and Privacy problems can be better handled with RDF and OWL • Knowledge can be captured, updated and reused with semantic web technologies • Need security to protect the knowledge/intellectual property
Some Efforts - 1 • Messaging (ebMS) : This is a specialization of web services for business to business applications. • Business Process and Collaboration (ebBP) : This set of specification enables collaboration among business partners. • Collaboration Protocol Profile and Agreement (CPPA) : Their effort provides definitions for the sets of information used in business collaborations. • Registry and Repository : The goal of this effort is to come up with specification hat enable interoperable registries and repositories • Core Components (CCTS) : This effort focuses on technologies such as context and content assembly.
Some Efforts - 2 • Semantic web technologies have many applications in knowledge management. For example, we need ontologies to capture the represent knowledge and reason about the knowledge. • Paul Warren gives an example on how ”a political scientist, Sally who wants to research the extent to which British Prime Minister Tony Blair's stance on Zimbabwe has changed over a year and what factors might have caused that change.” • He further states that “in the world of the Semantic Web, Sally could search for everything written by Blair on this topic over a specific time period. She could also search for transcripts of his speeches. Information markup wouldn't stop at the article or report level but would also exist at the article section level. So, Sally could also locate articles written by political commentators that contain transcripts of Blair's speeches”
Some Efforts: OBELIX • Ontologies have also been developed for e-commerce applications specified in languages such as RDF, RDF-S, OWL and OWL-S • For example, in the Obelix project a very good description of e-business and ontologies is provided. The authors state that a problem with e-commerce is the vague ideas that lack precise description they then discuses their approach which they call e3value which is based on requirements engineering and they define ontologies for e-commerce. • It is stated that “OBELIX is the first ontology-based e-business system of its kind in the world to provide smart, scaleable integration and interoperability capabilities”. • It is also stated that this project “ incorporates ontology management and configuration, an e-business application server and ontology-based e-application tools as well as an e-business library.” • OBLEIX is a European Commission project and the goal is to automate e-business services in a semantic web environment which has come to be called semantic e-business.
Secure Knowledge Management with Semantic Web: Architecture Interface to the Secure Knowledge Manager Technology By UTDallas Security Engine/ Rules Processor Policies Ontologies Rules Additional knowledge XML, RDF, OWL Documents Web Pages, Databases Capture knowledge Semantic web engine
Revisiting: Confidentiality, Privacy and Trust CPT • Trust • Trust is established between say a web site and a user based on credentials or reputations. • Privacy • When a user logs into a website to make say a purchase, the web site will specify that its privacy policies are. The user will then determine whether he/she wants to enter personal information. • That is, if the web site will give out say the user’s address to a third party, then the user can decide whether to enter this information. • However before the user enters the information, the user has to decide whether he trusts the web site. • This can be based on the credential and reputation. • if the user trusts the web site, then the user can enter his private information if he is satisfied with the policies. If not, he can choose not to enter the information. • Confidentiality • Here the user is requesting information from the web site; • the web site checks its confidentiality policies and decides what information to release to the user. • The web set can also check the trust it has on the user and decide whether to give the information to the user.
Status and Directions • Knowledge management has exploded due to the web • Knowledge Management has different dimensions • Technology, Business • Tools are emerging • Need effective partnerships between business leaders, technologists and policy makers • Security is critical • Major direction is on integrating E-Business processes and semantic web technologies with security for secure knowledge management