Lecture23 - The University of Texas at Dallas

Building Trustworthy Semantic Webs
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Semantic web technologies for secure interoperability and digital libraries
March 2010
Outline
• Secure digital libraries and semantic web
• Secure heterogeneous/federated data management and semantic web
• Secure web portals
Secure Web data/information management
• Secure data models
- Secure XML, RDF, ...
- Relational, object-oriented, text, images, video, etc.
• Secure data management functions
- Secure query, transactions, storage, metadata
• Key components for secure digital libraries and information retrieval/browsing
Secure Web Database Functions
[Figure: Secure Web Data Management and its functions: Secure Query Processing, Secure Transaction Management, Secure Storage Management, Security and Integrity, Secure Metadata Management, Secure Data Warehousing, Secure Interoperability, Secure Web Mining]
Secure Query Management: Language Issues
• Query language to access the databases
- SQL extensions are being examined
- XML-based query languages combined with SQL are emerging
  Example: XML-QL
- Querying RDF data
• XML extensions for multimedia databases such as SMIL (Synchronized Multimedia Integration Language)
• Mappings between multiple languages
• Web rules and query languages developed by W3C
• Security should be incorporated into all aspects
Security/Integrity Management
• Support for flexible security policies
• Negotiations between different database administrators
• Authorization and access control models such as role-based access control
• Identification and authentication
• Privacy control
• Copyright protection / plagiarism
• Maintaining the quality of the data coming from foreign sources
• Represent data and policies in XML, RDF, OWL and reason to determine quality and ensure security
Secure Digital Libraries
• Digital libraries are e-libraries
- Several communities have developed digital libraries
  Medical, Social, Library of Congress
• Component technologies
- Web data management, multimedia, information retrieval, indexing, browsing, ...
• Security has to be incorporated into all aspects
- Secure models for digital libraries, secure functions
Secure Information Retrieval
[Figure: components of a secure information retrieval system: Secure Query Processor, Secure Metadata Manager, Secure Update Processor, Secure Browser/Editor, Secure Storage Manager, Security/Integrity Manager]
Secure Browsing
• Browser augments a multimedia system to develop a hypermedia system
• Search space consists of nodes and links with different access control rules and/or classification levels
• May be represented as RDF graphs
• Can a user traverse a link or access the contents of a node?
- What authorization does he/she have?
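The traversal question on this slide, worked as an added example (not part of the original lecture). It assumes a linear ordering U < C < S of classification levels; the node names, the links and the function names are constructed for illustration.

```python
from collections import deque

# Assumption: classification levels are totally ordered, U < C < S.
RANK = {"U": 0, "C": 1, "S": 2}

# Constructed hypermedia search space: node -> classification of its contents.
NODE_LEVEL = {"home": "U", "catalog": "U", "budget": "C",
              "personnel": "S", "map": "U"}

# Constructed links as RDF-style triples plus a classification on the link
# itself: (subject, predicate, object, link_level).
LINKS = [
    ("home", "linksTo", "catalog", "U"),
    ("home", "linksTo", "budget", "C"),
    ("catalog", "linksTo", "map", "U"),
    ("budget", "linksTo", "personnel", "S"),
    ("catalog", "linksTo", "personnel", "U"),  # unclassified link, Secret target
    ("personnel", "linksTo", "map", "U"),
]

def dominates(clearance, level):
    """True if a user cleared to `clearance` may read data labelled `level`."""
    return RANK[clearance] >= RANK[level]

def can_traverse(clearance, link):
    """A link may be followed only if the link AND its target node are readable."""
    _, _, target, link_level = link
    return dominates(clearance, link_level) and dominates(clearance, NODE_LEVEL[target])

def browse(clearance, start):
    """Breadth-first walk returning every node the user can reach from `start`."""
    if not dominates(clearance, NODE_LEVEL[start]):
        return set()  # the user may not even open the starting node
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for link in LINKS:
            if link[0] == node and link[2] not in seen and can_traverse(clearance, link):
                seen.add(link[2])
                queue.append(link[2])
    return seen

if __name__ == "__main__":
    for level in ("U", "C", "S"):
        print(level, sorted(browse(level, "home")))
```

Checking the target node as well as the link is what stops the unclassified `catalog -> personnel` link from exposing a Secret node to an unclassified user.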
Interoperability of Heterogeneous Database Systems
[Figure: Database System A (Relational), Database System B (Object-Oriented) and Database System C (Legacy) connected by a network. Caption: transparent access to heterogeneous databases for both users and application programs; query and transaction processing.]
Technical Issues on the Interoperability of Heterogeneous Database Systems
• Heterogeneity with respect to data models, schema, query processing, query languages, transaction management, semantics, integrity, and security policies
• Federated database management
- Collection of cooperating, autonomous, and possibly heterogeneous component database systems, each belonging to one or more federations
• Interoperability based on client-server architectures
Federated Database Management
[Figure: Database Systems A, B and C grouped into Federation F1 and Federation F2. Caption: cooperating database systems yet maintaining some degree of autonomy.]
Schema Integration and Transformation in a Federated Environment
[Figure: schema levels in a federated environment: External Schemas 1.1, 1.2, 2.1 and 2.2; Federated Schemas for FDS - 1 and FDS - 2; Export Schema for Component A, Export Schemas I and II for Component B, Export Schema for Component C; Generic Schemas for Components A, B and C; Component Schemas for Components A, B and C.]
Adapted from Sheth and Larson, ACM Computing Surveys, September 1990
Transforming Secure Data Models
EMP: Level = Secret
SS#  Ename  Salary  D#
1    John   20K     10
2    Paul   30K     20
3    Mary   40K     20
Class EMP is Secret. It has 3 instances: John, Paul and Mary.
DEPT
D#   Dname    Mgr    Level
10   Math     Smith  U
20   Physics  Jones  C
Class DEPT is Unclassified. It has 2 instances, Math and Physics. Math is Unclassified. Physics is Confidential.
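The relational-to-object transformation on this slide, as an added example (not part of the original lecture), with a check that no label is dropped or downgraded along the way. The ordering U < C < S, the dictionary layout and the function names are assumptions made for illustration; the EMP and DEPT data are the slide's.

```python
RANK = {"U": 0, "C": 1, "S": 2}  # assumption: Unclassified < Confidential < Secret

# The slide's relations. EMP is labelled as a whole; DEPT is Unclassified
# and carries a per-tuple Level column.
EMP = {"name": "EMP", "level": "S", "key": "Ename",
       "rows": [{"SS#": 1, "Ename": "John", "Salary": "20K", "D#": 10},
                {"SS#": 2, "Ename": "Paul", "Salary": "30K", "D#": 20},
                {"SS#": 3, "Ename": "Mary", "Salary": "40K", "D#": 20}]}
DEPT = {"name": "DEPT", "level": "U", "key": "Dname",
        "rows": [{"D#": 10, "Dname": "Math", "Mgr": "Smith", "Level": "U"},
                 {"D#": 20, "Dname": "Physics", "Mgr": "Jones", "Level": "C"}]}

def to_class(relation):
    """Map a labelled relation to a class whose instances keep their labels."""
    instances = []
    for row in relation["rows"]:
        attrs = {k: v for k, v in row.items() if k != "Level"}
        # Use the tuple's own label if it has one, else inherit the relation's.
        level = row.get("Level", relation["level"])
        instances.append({"id": row[relation["key"]], "level": level, "attrs": attrs})
    return {"class": relation["name"], "level": relation["level"],
            "instances": instances}

def labels_preserved(relation, cls):
    """Check the transformation: nothing dropped, nothing downgraded."""
    if cls["level"] != relation["level"]:
        return False
    if len(cls["instances"]) != len(relation["rows"]):
        return False
    for row, obj in zip(relation["rows"], cls["instances"]):
        want = row.get("Level", relation["level"])
        # An instance must be at least as high as its source tuple and its class.
        if RANK[obj["level"]] < RANK[want] or RANK[obj["level"]] < RANK[cls["level"]]:
            return False
    return True

def visible(cls, clearance):
    """Instance ids a user with `clearance` may see in the object model."""
    if RANK[clearance] < RANK[cls["level"]]:
        return []  # the class itself is hidden from this user
    return [o["id"] for o in cls["instances"] if RANK[clearance] >= RANK[o["level"]]]

if __name__ == "__main__":
    for rel in (EMP, DEPT):
        cls = to_class(rel)
        print(cls["class"], labels_preserved(rel, cls), visible(cls, "C"))
```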
Secure Schema Integration
Security must be maintained during transformations
Layer 5: External schemas: schemas for the various classes of users
Layer 4: Federated schemas: integrate export schemas of the components of the federation
Layer 3: Export schemas for the components, e.g., export schemas for components A, B, and C (note: a component may export different schemas to different federations)
Layer 2: Generic schemas for the components, e.g., generic schemas for components A, B, and C
Layer 1: Secure schemas at the component level, e.g., component schemas for components A, B, and C
Security Policy Integration
Layer 5: External policies: policies for the various classes of users
Layer 4: Federated policies: integrate export policies of the components of the federation
Layer 3: Export policies for the components, e.g., export policies for components A, B, and C (note: a component may export different policies to different federations)
Layer 2: Generic policies for the components, e.g., generic policies for components A, B, and C
Layer 1: Policies at the component level, e.g., component policies for components A, B, and C
Federated Data and Policy Management
[Figure: Data/Policy for Federation; three Export Data/Policy blocks; Component Data/Policy for Agency A, Agency B and Agency C.]
Inference Control
[Figure: Federated Inference Controller and Federated Data Management; three Export Engines; three Inference Controllers; Component Data Systems for Agency A, Agency B and Agency C.]
Applications of Semantic Web Technologies
• Specify generic policies and schema in RDF, OWL
• Integrate the generic policies and schemas for federated policies and schemas
• Apply reasoning strategies for RDF and OWL for inference control in distributed environments
What are web portals?
• A portal, or enterprise information portal (EIP), is a Web site that integrates an organization's knowledge base and all related applications into a single user-customizable environment.
• This environment acts as a one-stop shop, or "gateway," for users' information and system needs.
• An organization's entire content database; search facilities; collaboration tools; individual department, workgroup, and project-specific intranets; online applications; and security mechanisms are fused into one cohesive environment that's accessible from a single starting point.
• Enterprise information portals give large amounts of disparate content and applications unity and continuity.
• An EIP differs from, say, a well-developed content-managed intranet with respect to "personalization".
Personalization
• An EIP differs from, say, a well-developed content-managed intranet with respect to "personalization". EIPs allow users to customize their portal environment to deliver only the content they're interested in.
• This means every user who logs onto the portal will have a different view of the system and its content. For example, a Human Resources Manager will not need to see revisions of some engineering drawing but would like to receive news on the latest salary compensation trends.
• My Yahoo! and MSN are good examples of Internet portals.
• EIPs are developed specifically to work within business environments, often integrating standard corporate collaboration tools (e-mail, shared calendars, discussion forums, and online meetings) into the suite.
Virtual Workspaces
• Portals are important for knowledge sharing and virtual workspaces
• Firms are increasingly leveraging their globally distributed knowledge resources through deployment of distributed teams.
• Since face-to-face meetings are increasingly less common among distributed teams, team members are more frequently sharing their knowledge through the use of "virtual workspaces"
• Virtual workspaces are an integrated set of tools that offer a variety of communication support capabilities including a common team repository organized for easy search and retrieval, application sharing, electronic whiteboards and group discussion forums
• Security and privacy policies determine what information is shared and with whom
Semantic Web Applications for Web Portals
• Web portals and Mashups – Web 2.0 and beyond
• Utilizes semantic web technologies for information representation and reasoning
• RDF and OWL technologies are being used
• Security investigation for web portals and Mashups is relatively new
• Need to develop appropriate policies, represent them using semantic web technologies