Lecture 3 - The University of Texas at Dallas

Download Report

Transcript Lecture 3 - The University of Texas at Dallas

Trustworthy Semantic Webs
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Lecture #3
Semantic Web, Web Services and Security
 Today’s Web
 From web to semantic web
 Applications and Technologies
 Layered Approach
 Web Services Introduction
Today’s Web
 High recall, low precision: Too many web pages resulting in
searches, many not relevant
 Sometimes low recall
 Results sensitive to vocabulary: Different words even if they mean
the same thing do not results in same web pages
 Results are single web pages not linked web pages
From Today’s Web to the Semantic Web
 Machine understandable web pages
 Activities on the web such as searching with little or no human
 Technologies for knowledge management, e-commerce,
 Solutions to the problems faced by today’s web
- Retrieving appropriate web pages, sensitive to vocabulary etc.
- Semantic web applications including
Layered Approach: Tim Berners Lee’s Vision
Applications: Web Services
 Web Services refers to the technologies that allow for making
 Services are what you connect together using Web Services.
 A service is the endpoint of a connection.
 Also, a service has some type of underlying computer system
that supports the connection offered.
 The combination of services - internal and external to an
organization - make up a service-oriented architecture.
Knowledge Management
 Corporation Need
- Searching, extracting and maintaining information, uncovering
hidden dependencies, viewing information
 Semantic web for knowledge management
- Organizing knowledge, automated tools for maintaining
knowledge, question answering, querying multiple documents,
controlling access to documents
Business to Consumer E-Commerce
 Users shopping on the web; wrapper technology is used to extract
information about user preferences etc. and display the products to
the user
 Use of semantic web: Develop software agents that can interpret
privacy requirements, pricing and product information and display
timely and correct information to the use; also provides information
about the reputation of shops
 Future: negotiation among the behalf of the user
Business to Business E-Commerce
 Organizations work together and carrying out transactions such as
collaborating on a product, supply chains etc. With today’s web lack
of standards for data exchange
 Use of semantic web: XML is a big improvement, but need to agree
on vocabulary. Future will be the use of ontologies to agree on
meanings and interpretations
Personal Agents
 Agents are essentially processes that have evolved from
object-oriented programming; agent is an active objects
 Agents will use metadata to find resources on the web;
ontologies will be used to interpret statements; logic will be
used for drawing conclusions
 Agents will not completely replace humans; but will make the
tasks of the humans much easier.
 Example: John is a president of a company. He needs to have
a surgery for a serious but not a critical illness. With current
web he has to check each web page for relevant information,
make decisions depending on the information provided
 With the semantic web, the agent will retrieve all the relevant
information, synthesize the information, ask John if needed,
and then present the various options to John and also makes
Semantic Web Technologies
 Explicit metadata
- XML, RDF, etc.
 Ontologies (e.g, OWL)
 Logic/Rules (e.g., RuleML, SWRL)
Explicit metadata
 Metadata is data about data
 Need metadata to be explicitly specified so that different groups and
organizations will know what is on the web
 Using metadata, one can then carry out various activities such as
searching, integration and executing actions
 Metadata specification languages include XML and RDF
 Explicit and formal specification of conceptualization describes a
domain of discourse
 Consists of concepts and prelateships between them
 Web searches can exploit ontologies to facilitate the search process
 Ontology languages include XML, RDF, OWL
Ontology Engineering?
 Tools and Techniques to
- Create Ontologies
- Specify Ontologies
- Maintain Ontologies
- Query Ontologies
- Evolve Ontologies
- Reuse Ontologies
- Incorporate features such as security, data quality, integrity
 Logic can be used to specify facts as well as rules
 New facts and derived from existing facts based on the inference
 Descriptive Logic is the type of logic that has been developed for
semantic web applications
 Example Logic-based languages: SWRL, RuleML
 Semantic web vs. Artificial Intelligence
- Goal of Artificial Intelligence is to build an intelligent agent
exhibiting human-level intelligence
- Goal of the semantic web is to enable machine understandable
web pages
Overview of Web Services
 Service Oriented Architectures
 Web Services Description Language
 WSDL with XML
 Security
 Federated identity
Service Oriented Architectures (SOA)
 A service-oriented architecture is essentially a collection of services. ; These
services communicate with each other.
 A service is a function that is well-defined, self-contained, and does not
depend on the context or state of other services
 The communication can involve either simple data passing or it could involve
two or more services coordinating some activity. Some means of connecting
services to each other is needed.
 The technology of web services is the most likely connection technology of
service-oriented architectures. Web services essentially use XML Technology
create a robust connection.
 A service consumer sends a service request message to a service provider ;
The service provider returns a response message to the service consumer.
 The request and subsequent response connections are defined in some way
that is understandable to both the service consumer and service provider.
 A service provider can also be a service consumer.
Web Services
Web Services Description Language
 The Web Services Description Language (WSDL) forms the basis for
Web Services. The steps involved in providing and consuming a
service are:
A service provider describes its service using WSDL. This definition is
published to a directory of services. The directory could use Universal
Description, Discovery, and Integration (UDDI). Other forms of
directories can also be used.
A service consumer issues one or more queries to the directory to locate
a service and determine how to communicate with that service.
Part of the WSDL provided by the service provider is passed to the
service consumer. This tells the service consumer what the requests
and responses are for the service provider.
The service consumer uses the WSDL to send a request to the service
The service provider provides the expected response to the service
 The UDDI registry is intended to eventually serve as a means
of "discovering" Web Services described using WSDL .
 The idea is that the UDDI registry can be searched in various
ways to obtain contact information and the Web Services
available for various organizations.
 UDDI registry is a way to keep up-to-date on the Web Services
your organization currently uses
 Alternative to UDDI is ebXML Directory
 All the messages are sent using SOAP. (SOAP at one time
stood for Simple Object Access Protocol; Now, the letters in
the acronym have no particular meaning .)
 SOAP essentially provides the envelope for sending the Web
Services messages.
 SOAP generally uses HTTP , but other means of connection
may be used.
 HTTP is the familiar connection we all use for the Internet.
 It is the pervasiveness of HTTP connections that will help
drive the adoption of Web Services.
 WSDL uses XML to define messages.
 XML has a tagged message format.
 Both the service provider and service consumer use these
 In fact, the service provider could send the data in any order.
 The service consumer uses the tags and not the order of the
data to get the data values.
 Security and authorization specifications include:
- eXtensible Access Control Markup Language (XACML)
- eXtensible Rights Markup Language (XrML)
- Security Assertion Markup Language (SAML)
- Service Protection Markup Language (SPML)
- Web Services Security (WSS)
- XML Common Biometric Format (XCBF)
- XML Key Management Specification (XKMS)
 Firewalls
- Specialized XML firewalls offer the promise of protecting
internal systems when using Web Services.
Traditional firewalls offer protection at the packet level
and do not examine the contents of messages.
XML firewalls, on the other hand, examine the contents of
messages. This includes the SOAP headers and the XML
They are designed to permit authorized content to pass
through the firewall.
Security: Examples XACML, SAML, WSS
- eXtensible Access Control Markup Language (XACML) provides
fine grained control of authorized activities, the effect of
characteristics of the access requestor, the protocol over which
the request is made, authorization based on classes of activities,
and content introspection.
- It is an XML framework for exchanging authentication and
authorization information. It is used with WSS
 WSS (OASIS Spec)
- It describes enhancements to SOAP messaging in order to
provide quality of protection through message integrity, and
single message authentication. These mechanisms can be used
to accommodate a wide variety of security models and
encryption technologies.
 Organization for the Advancement of Structured Information
Standards (OASIS)
 OASIS is a not-for-profit, global consortium that drives the
development, convergence, and adoption of e-business standards.
 Members themselves set the OASIS technical agenda, using a
lightweight, open process expressly designed to promote industry
consensus and unite disparate efforts.
 OASIS produces worldwide standards for security, Web Services,
XML conformance, business transactions, electronic publishing,
topic maps, and interoperability within and between marketplaces.
OASIS also hosts XML.org, which provides information about the
application of XML, and The Cover Pages which is a reference
collection supporting the SGML/XML family of markup language
standards and their application.
Federated Identity
 Federated identity allows users to link identity information
between accounts without centrally storing personal
 Also, users can control when and how their accounts and
attributes are linked and shared between domains and
Service Providers, allowing for greater control over their
personal data.
 In practice, this means that users can be authenticated by one
company or Web site and be recognized and delivered
personalized content and services in other locations without
having to re-authenticate or sign on with a separate username
and password.
 Standards include Identity Web Services Framework (I-WSF)