Lecture 3 - The University of Texas at Dallas
Transcript Lecture 3 - The University of Texas at Dallas
Trustworthy Semantic Webs
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Semantic Web, Web Services and Security
From web to semantic web
Applications and Technologies
Web Services Introduction
High recall, low precision: Too many web pages resulting in
searches, many not relevant
Sometimes low recall
Results sensitive to vocabulary: Different words even if they mean
the same thing do not results in same web pages
Results are single web pages not linked web pages
From Today’s Web to the Semantic Web
Machine understandable web pages
Activities on the web such as searching with little or no human
Technologies for knowledge management, e-commerce,
Solutions to the problems faced by today’s web
- Retrieving appropriate web pages, sensitive to vocabulary etc.
- Semantic web applications including
Layered Approach: Tim Berners Lee’s Vision
Applications: Web Services
Web Services refers to the technologies that allow for making
Services are what you connect together using Web Services.
A service is the endpoint of a connection.
Also, a service has some type of underlying computer system
that supports the connection offered.
The combination of services - internal and external to an
organization - make up a service-oriented architecture.
- Searching, extracting and maintaining information, uncovering
hidden dependencies, viewing information
Semantic web for knowledge management
- Organizing knowledge, automated tools for maintaining
knowledge, question answering, querying multiple documents,
controlling access to documents
Business to Consumer E-Commerce
Users shopping on the web; wrapper technology is used to extract
information about user preferences etc. and display the products to
Use of semantic web: Develop software agents that can interpret
privacy requirements, pricing and product information and display
timely and correct information to the use; also provides information
about the reputation of shops
Future: negotiation among the behalf of the user
Business to Business E-Commerce
Organizations work together and carrying out transactions such as
collaborating on a product, supply chains etc. With today’s web lack
of standards for data exchange
Use of semantic web: XML is a big improvement, but need to agree
on vocabulary. Future will be the use of ontologies to agree on
meanings and interpretations
Agents are essentially processes that have evolved from
object-oriented programming; agent is an active objects
Agents will use metadata to find resources on the web;
ontologies will be used to interpret statements; logic will be
used for drawing conclusions
Agents will not completely replace humans; but will make the
tasks of the humans much easier.
Example: John is a president of a company. He needs to have
a surgery for a serious but not a critical illness. With current
web he has to check each web page for relevant information,
make decisions depending on the information provided
With the semantic web, the agent will retrieve all the relevant
information, synthesize the information, ask John if needed,
and then present the various options to John and also makes
Semantic Web Technologies
- XML, RDF, etc.
Ontologies (e.g, OWL)
Logic/Rules (e.g., RuleML, SWRL)
Metadata is data about data
Need metadata to be explicitly specified so that different groups and
organizations will know what is on the web
Using metadata, one can then carry out various activities such as
searching, integration and executing actions
Metadata specification languages include XML and RDF
Explicit and formal specification of conceptualization describes a
domain of discourse
Consists of concepts and prelateships between them
Web searches can exploit ontologies to facilitate the search process
Ontology languages include XML, RDF, OWL
Tools and Techniques to
- Create Ontologies
- Specify Ontologies
- Maintain Ontologies
- Query Ontologies
- Evolve Ontologies
- Reuse Ontologies
- Incorporate features such as security, data quality, integrity
Logic can be used to specify facts as well as rules
New facts and derived from existing facts based on the inference
Descriptive Logic is the type of logic that has been developed for
semantic web applications
Example Logic-based languages: SWRL, RuleML
Semantic web vs. Artificial Intelligence
- Goal of Artificial Intelligence is to build an intelligent agent
exhibiting human-level intelligence
- Goal of the semantic web is to enable machine understandable
Overview of Web Services
Service Oriented Architectures
Web Services Description Language
WSDL with XML
Service Oriented Architectures (SOA)
A service-oriented architecture is essentially a collection of services. ; These
services communicate with each other.
A service is a function that is well-defined, self-contained, and does not
depend on the context or state of other services
The communication can involve either simple data passing or it could involve
two or more services coordinating some activity. Some means of connecting
services to each other is needed.
The technology of web services is the most likely connection technology of
service-oriented architectures. Web services essentially use XML Technology
create a robust connection.
A service consumer sends a service request message to a service provider ;
The service provider returns a response message to the service consumer.
The request and subsequent response connections are defined in some way
that is understandable to both the service consumer and service provider.
A service provider can also be a service consumer.
Web Services Description Language
The Web Services Description Language (WSDL) forms the basis for
Web Services. The steps involved in providing and consuming a
A service provider describes its service using WSDL. This definition is
published to a directory of services. The directory could use Universal
Description, Discovery, and Integration (UDDI). Other forms of
directories can also be used.
A service consumer issues one or more queries to the directory to locate
a service and determine how to communicate with that service.
Part of the WSDL provided by the service provider is passed to the
service consumer. This tells the service consumer what the requests
and responses are for the service provider.
The service consumer uses the WSDL to send a request to the service
The service provider provides the expected response to the service
The UDDI registry is intended to eventually serve as a means
of "discovering" Web Services described using WSDL .
The idea is that the UDDI registry can be searched in various
ways to obtain contact information and the Web Services
available for various organizations.
UDDI registry is a way to keep up-to-date on the Web Services
your organization currently uses
Alternative to UDDI is ebXML Directory
All the messages are sent using SOAP. (SOAP at one time
stood for Simple Object Access Protocol; Now, the letters in
the acronym have no particular meaning .)
SOAP essentially provides the envelope for sending the Web
SOAP generally uses HTTP , but other means of connection
may be used.
HTTP is the familiar connection we all use for the Internet.
It is the pervasiveness of HTTP connections that will help
drive the adoption of Web Services.
WDSL with XML
WSDL uses XML to define messages.
XML has a tagged message format.
Both the service provider and service consumer use these
In fact, the service provider could send the data in any order.
The service consumer uses the tags and not the order of the
data to get the data values.
Security and authorization specifications include:
- eXtensible Access Control Markup Language (XACML)
- eXtensible Rights Markup Language (XrML)
- Security Assertion Markup Language (SAML)
- Service Protection Markup Language (SPML)
- Web Services Security (WSS)
- XML Common Biometric Format (XCBF)
- XML Key Management Specification (XKMS)
- Specialized XML firewalls offer the promise of protecting
internal systems when using Web Services.
Traditional firewalls offer protection at the packet level
and do not examine the contents of messages.
XML firewalls, on the other hand, examine the contents of
messages. This includes the SOAP headers and the XML
They are designed to permit authorized content to pass
through the firewall.
Security: Examples XACML, SAML, WSS
XACML (OASIS Spec)
- eXtensible Access Control Markup Language (XACML) provides
fine grained control of authorized activities, the effect of
characteristics of the access requestor, the protocol over which
the request is made, authorization based on classes of activities,
and content introspection.
SAML (OASIS Spec)
- It is an XML framework for exchanging authentication and
authorization information. It is used with WSS
WSS (OASIS Spec)
- It describes enhancements to SOAP messaging in order to
provide quality of protection through message integrity, and
single message authentication. These mechanisms can be used
to accommodate a wide variety of security models and
Organization for the Advancement of Structured Information
OASIS is a not-for-profit, global consortium that drives the
development, convergence, and adoption of e-business standards.
Members themselves set the OASIS technical agenda, using a
lightweight, open process expressly designed to promote industry
consensus and unite disparate efforts.
OASIS produces worldwide standards for security, Web Services,
XML conformance, business transactions, electronic publishing,
topic maps, and interoperability within and between marketplaces.
OASIS also hosts XML.org, which provides information about the
application of XML, and The Cover Pages which is a reference
collection supporting the SGML/XML family of markup language
standards and their application.
Federated identity allows users to link identity information
between accounts without centrally storing personal
Also, users can control when and how their accounts and
attributes are linked and shared between domains and
Service Providers, allowing for greater control over their
In practice, this means that users can be authenticated by one
company or Web site and be recognized and delivered
personalized content and services in other locations without
having to re-authenticate or sign on with a separate username
Standards include Identity Web Services Framework (I-WSF)