Transcript KM-talk - The University of Texas at Dallas

Secure Knowledge Management
and
Trustworthy Semantic Web
Technologies
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
December 2008
3/28/2016 18:09
2
What is Knowledge Management?
0 Knowledge management, or KM, is the process through which
organizations generate value from their intellectual property and
knowledge-based assets
0
KM involves the creation, dissemination, and utilization of
knowledge
0 Reference: http://www.commerce-database.com/knowledge-
management.htm?source=google
3/28/2016 18:09
3
Knowledge Management Components
Knowledge
Components of
Management:
Components,
Cycle and
Technologies
Components:
Strategies
Processes
Metrics
Cycle:
Knowledge, Creation
Sharing, Measurement
And Improvement
Technologies:
Expert systems
Collaboration
Training
Web
3/28/2016 18:09
4
Knowledge Models
0 Level 1: Highest Level
- Mental models utilized by psychologists
- Social models (e.g. social network models) used by sociologists
0 Level 2: Mid-level
- Models utilized by expert systems
- Process modeling
0 Level: Bottom level
- Models understood by machines
- E.g., rule-based, frame-based, etc.
3/28/2016 18:09
5
Organizational Learning Process
Diffusion Tacit, Explicit
Identification
Creation
Source:
Reinhardt and Pawlowsky
Metrics
Integration
Modification
Action
also see: Tools in Organizational Learning
http://duplox.wz-berlin.de/oldb/forslin.html
3/28/2016 18:09
6
Knowledge Management Metrics The Goal of Metrics
 Measuring Success (How am I doing?)
 Benchmarking (How am I comparatively doing?)
 Tracking Improvement (Am I getting better?)
 Direct
 future investment (technology, employees)
 strategy
 alignment (culture, incentives)
“One way to ensure your doing worse is to not measure” Adapted from Pressman
3/28/2016 18:09
7
Learning By-Product Measures
 Papers in Competitive Journals and Magazines
 Percentage New Technology compared to all Technology
 Process Cycle Time
 Employee Surveys
 Involvement with decisions
 Recognition for work achieved
 Access to information
 Rewarding risk taking
 Overall Satisfaction
 Employee Retention
 ‘Employee Suggestion Process
3/28/2016 18:09
8
Knowledge Management: Incentive-based
Approaches
Receiver
Teacher
Positive Incentives
Positive Incentives
• Knowledge Gained
• Can teach others
what is learned
Negative Incentives
• “Knowledge Transfer
Champion” prestige
•Can improve knowledge
Negative Incentives
•Time
•Time
•Unqualified teacher
•Students not willing to
learn
3/28/2016 18:09
Knowledge Management: Strategies, Processes,
Metrics and Tools
Knowledge Management: Within and Across
Corporations and Agencies
Strategies
e.g., Management
Plans; Policies;
Data sharing vs. Privacy
Metrics
e.g., web usage
Processes
e.g., best
practices
Tools
e.g., Semantic
Web
9
3/28/2016 18:09
10
Knowledge Management Architecture
Knowledge
Creation and
Acquisition
Manager
Knowledge
Dissemination
and Sharing
Manager
Knowledge
Representation
Manager
Knowledge
Manipulation
Manager
3/28/2016 18:09
11
Secure Knowledge Management
0 Protecting the intellectual property of an organization
0 Access control including role-based access control
0 Security for process/activity management and workflow
- Users must have certain credentials to carry out an activity
0 Composing multiple security policies across organizations
0 Security for knowledge management strategies and processes
0 Risk management and economic tradeoffs
0 Digital rights management and trust negotiation
3/28/2016 18:09
12
Trust Management and Negotiation
0 Design a Trust Model
- Investigate the current trust models. Identify the inadequacies of current
trust models and design a model for the semantic web/DIVO
= Components include trust management, trust negotiation as well as
economic tradeoffs
0 Design a Language for specifying Trust policies
- Start with XML, RDF and Web Rules language and incorporate features
for trust management and negotiation
0 Design and develop techniques for enforcing the trust policies
- Automated Trust Negotiation: A attempts to access database D based on
access control policies; However before A can access D, triggers go off
and owner of D exchanges credential information with A (
3/28/2016 18:09
13
Semantic E-Business
0 E-Business processes (e.g., order management, supply chain
management, contracts management, workflow management)
0 Service oriented architectures
0 Apply semantic web technologies such as XML, RDF, Ontologies and
RulesML to represent data and reason about the data for the ebusiness processes
0 Results in effective knowledge management as organization is
getting benefits
0 The topic is called Semantic E-Business
0 IEEE Transactions on Systems, Man and Cybernetics, March 2006
3/28/2016 18:09
14
Trustworthy Semantic Web Technologies
0 Beyond XML Security
- Why do we need RDF, OWL Security?
0 Why do we need RDF and OWL?
0
0
0
0
0
- More expressive as well as reasoning power than XML
- Inferencing capabilities
Policies can be expressed in RDF and OWL
Need to secure RDF and OWL documents
Inference and Privacy problems can be better handled with RDF
and OWL
Knowledge can be captured, updated and reused with semantic
web technologies
Need security to protect the knowledge/intellectual property
3/28/2016 18:09
15
Some Efforts - 1
0 Messaging (ebMS) : This is a specialization of web services
0
0
0
0
for business to business applications.
Business Process and Collaboration (ebBP) : This set of
specification enables collaboration among business partners.
Collaboration Protocol Profile and Agreement (CPPA) : Their
effort provides definitions for the sets of information used in
business collaborations.
Registry and Repository : The goal of this effort is to come up
with specification hat enable interoperable registries and
repositories
Core Components (CCTS) : This effort focuses on
technologies such as context and content assembly.
3/28/2016 18:09
16
Some Efforts - 2
0 Semantic web technologies have many applications in knowledge
management. For example, we need ontologies to capture the
represent knowledge and reason about the knowledge.
0 Paul Warren gives an example on how ”a political scientist, Sally
who wants to research the extent to which British Prime Minister
Tony Blair's stance on Zimbabwe has changed over a year and what
factors might have caused that change.”
0 He further states that “in the world of the Semantic Web, Sally could
search for everything written by Blair on this topic over a specific
time period. She could also search for transcripts of his speeches.
Information markup wouldn't stop at the article or report level but
would also exist at the article section level. So, Sally could also
locate articles written by political commentators that contain
transcripts of Blair's speeches”
3/28/2016 18:10
17
Some Efforts: OBELIX
0 Ontologies have also been developed for e-commerce applications specified
in languages such as RDF, RDF-S, OWL and OWL-S
0 For example, in the Obelix project a very good description of e-business and
ontologies is provided. The authors state that a problem with e-commerce is
the vague ideas that lack precise description they then discuses their
approach which they call e3value which is based on requirements
engineering and they define ontologies for e-commerce.
0 It is stated that “OBELIX is the first ontology-based e-business system of its
kind in the world to provide smart, scaleable integration and interoperability
capabilities”.
0 It is also stated that this project “ incorporates ontology management and
configuration, an e-business application server and ontology-based eapplication tools as well as an e-business library.”
0 OBLEIX is a European Commission project and the goal is to automate e-
business services in a semantic web environment which has come to be
called semantic e-business.
3/28/2016 18:10
18
Secure Knowledge Management with
Semantic Web: Architecture
Technology
By UTDallas
Interface to the Secure Knowledge
Manager
Security Engine/
Rules Processor
Policies
Ontologies
Rules
Additional
knowledge
Semantic web
engine
XML, RDF, OWL
Documents
Web Pages,
Databases
Capture
knowledge
3/28/2016 18:10
19
Revisiting: Confidentiality, Privacy and Trust CPT
0 Trust
- Trust is established between say a web site and a user based on credentials or
reputations.
0 Privacy
- When a user logs into a website to make say a purchase, the web site will specify
that its privacy policies are. The user will then determine whether he/she wants to
enter personal information.
- That is, if the web site will give out say the user’s address to a third party, then the
user can decide whether to enter this information.
- However before the user enters the information, the user has to decide whether he
trusts the web site.
- This can be based on the credential and reputation.
- if the user trusts the web site, then the user can enter his private information if he
is satisfied with the policies. If not, he can choose not to enter the information.
0 Confidentiality
- Here the user is requesting information from the web site;
- the web site checks its confidentiality policies and decides what information to
release to the user.
- The web set can also check the trust it has on the user and decide whether to give
the information to the user.
3/28/2016 18:10
20
Status and Directions
0 Knowledge management has exploded due to the web
0 Knowledge Management has different dimensions
- Technology, Business
0 Tools are emerging
0 Need effective partnerships between business leaders, technologists
and policy makers
0 Security is critical
0 Major direction is on integrating E-Business processes and semantic
web technologies with security for secure knowledge management