Security in Semantic Web Services : Role of Security , Authorization , Privacy and Trust in Semantic

1
Security in Semantic Web Services Role of
Security , Authorization , Privacy and Trust in
Semantic Web

• Nima Dokoohaki

OASIS Adoption Forum London 2006
2
Agenda

• Semantic Web Services
• Concept and technologies
• Role of Semantic Web Services and current
  position of it
• Describing the Security Dimensions in the context
  of Semantic Web Services
• Defining and Describing an adoption model for
  standards defined in practice

3
Semantic Web Services

• Intelligent Distributed Systems
• Syntactic Vs. Semantic Web Services
• Impact of lack of semantics
• Lack of machine readability prevents their usage
  in Complex Business Contexts
• Adding rich formal description of Capabilities to
  Web services, solves this problem allowing them
  to be consumed and utilized by businesses without
  human intervention(main goal of bringing
  semantics to context of web services)
• Semantic Web Services (SWS) eliminates this
  obstacle by adding Web services ,rich formal
  descriptions of their capabilities, facilitating
  automated composition, discovery, dynamic
  binding, and invocation of services within an
  open environment
• Requirememt and Prequisite
• Emergence and evolution of
• A semantic execution environment
• (A real practical presentation of Semantic Web
  Vision)

4
Activities
Service Ontology
Pre-condition
Selection
output
Ontology Management
input
Deployment
Cost
Discovery
Atomic Service
Invocation
Post-condition
Composition
Composite Service
SWS
Publishing
Category
Register
Matchmaker
Invoker
Reasoner
Decomposer
Architecture
5
Agenda

• Semantic Web Services
• Concept and technologies
• Role of Semantic Web Services and current
  position of it
• Describing the Security Dimensions in the context
  of Semantic Web Services
• Defining and Describing an adoption model for
  standards defined in practice

6
The main and Original Motivation

• Enhance interoperability between heterogeneous
  information systems
• Two majors areas of application
• Enterprise Application Integration (EAI)
• Connecting separated systems quickly and at low
  costs
• Business to Business (B2B) Integration,
• Reducing costs and Enhancing flexibility of
  cooperation.
• Efficiency (Cost and Time)
• Human interaction between UDDI and web services ,
  lookup time
• Semantics can save time and cost
• Simple maintenance
• Promising

7
Semantics driven solutionsFinal Destination,or
Next Step?

• Semantic Business Services
• Making business web based
• Bringing the Web services and Semantic Web
  Services to the next level , to Semantic Business
  Services or Semantic e-Services
• Still a big challenge
• Large Scale Integration that consumes and
  utilizes multiple web services
• Bringing the businesses to their full potential
• Semantically enriching is a solution toward
  appropriate large scale integration

8
Current frameworks for Semantic Web Services and
their orientations

• Three Main frameworks for SWS
• IRS-III (The Internet Reasoning Service)
• Knowledge Based
• OWL-S (OWL-based Web Service Ontology)
• Agent oriented
• WSMF (Web Services Modelling framework)
• Business oriented
• Focusing on a set of ecommerce/ebusiness
  requirements for Web Services including
• trust and security.

9
Current progress Focus on WSMX

• WSMX (Web Services execution environment)
• Reference implementation of WSMO.
• An execution environment for business application
  integration, where enhanced web services are
  integrated for various business applications
• increase business processes automation in a very
  flexible manner while providing scalable
  integration solution

10
OASIS and Semantic works

• SEE
• ( Semantic Execution Environment ) technical
  committee
• Guidelines, Justifications and Implementation
  directions for an execution environment for
  Semantic Web services (proposed WSMX).
• SEE is Engineering a standardized
  globally-recognized architecture of an
  intelligent distributed system, where
  semantically-enriched components can be plugged
  in and executed according to dynamic execution
  semantics.
• A committee focusing on practical ebusiness
  applications of SWS

11
OASIS and Semantic worksProgress and
deliverables

• A brief intro to their past and ongoing work
• Infrastractural work for SWS Justifications,guide
  lines and also implementations for
  semantically-enriched SOA and SWS applications
• eHealth,
• eBanking,
• eGovernment services,
• GIS ( Geographical Information Systems )

12
Agenda

• Semantic Web Services
• Concept and technologies
• Role of Semantic Web Services and current
  position of it
• Describing the Security Dimensions in the context
  of Semantic Web Services
• Defining and Describing an adoption model for
  standards defined in practice

13
SWS security requirementsSecurity,Privacy and
Trust

• Requirements are arising from three kinds of
  policies
• Security policies
• Privacy policies
• Trust-based policies
• Functional
• Semantically described security policies.
• Semantically described privacy policies.
• Respecting individual client requirements.
• Architectural
• Protocols for publication and description of
  service security policies and authentication
  requirements.
• Semantic policy evaluation mechanisms.
• Semantically controlled policy enforcement.
• Trust-based authentication and authorization.
• Communication and logging of security evaluation
  results

14
Role of OASIS in SWS Security

• Fact1OASIS Security works have the following
  properties
• Modularity easier to implement as building
  block in a solution
• Composability easier solution engineering and
  maintenance
• Fact2 OASIS has the history of converging many
  industry leading standards
• Fact3 OASIS is a globally recognized the
  scenarios and usecases library
• Fact4 ongoing work for semantics and security
  driven efforts is undergoing within OASIS
• Conclusion
• OASIS is where all efforts from different
  directions should and will merge and makeup
  tommorows Industry recognized standards and
  guidelines for any semantically driven service
  oriented architecture

15
Solution Semantic Policy Framework

• semantically-rich policy representations
• Human error reduction,
• Simplification of policy analysis,
• policy conflicts reduction,
• Interoperability facilitation
• The adoption of a policy grounded-approach for
  controlling a system requires an appropriate
  policy representation and the design and
  development of a policy management framework,
  realizing the need for a Semantic Policy
  Framework
• Policies will be increasingly important to the
  real world implementation of Semantic Web
  Services
• Policy ontology is an enabler for Semantic policy
  framework

16
adoption of policy Ontologies pros

• Ontology simplifies the task of governing the
  behavior of complex ,Increasingly dynamic, multi
  -disciplinary business environments .
• Adaptation with several kinds of business and
  workflow contexts
• High-level management requirements
• Simplification in many aspects of policy
  engineering such as policy description, analysis
  and access

17
adoption of policy Ontologies cons

• the adoption of Ontologies for policy
  specification requires addressing some technical
  difficulties in presentation and implementation
• Semantic web languages used for ontology
  representation still present a complex
  description making the code very difficult to
  read
• The gap between the specification and the
  implementation of policies cannot be completely
  overcome in an automated manner.

18
Agenda

• Semantic Web Services
• Concept and technologies
• Role of Semantic Web Services and current
  position of it
• Describing the Security Dimensions in the context
  of Semantic Web Services
• Defining and Describing an adoption model for
  standards defined in practice

19
Semantic Web Services
OASIS Web Services Works
OASIS Security Standards
OASIS Semantics Effort
Semantic Execution Environment
eGovernments,Businesses,Citizens
20
Semantic Execution Environment
Trust Warehouse
Distributed Trust (Web of Trust)
Distributed Registry (UDDI / ebXML RR)
Trust Negotiation
Domain Ontology
Trust Negotiator
Policy Ontology
Service Discovery
Authorization Manager
Service Requester
Distibuted Ontology Repository
Semantic Web Service
Service sends requesters authorization info to
requester
Requesters Authorization information
Service Invocation
Semantic Requirements
21
Remaining issuespolicy framework obstacles

• Approaches toward a common global semantic policy
  framework have generated divergent solutions
• best suited for particular ranges of applications
• discourage a common approach for all situations
• it is still not clear why a common approach
  should succeed for policy specification,presentati
  on and deployment.
• Clearly stating the need for standardization and
  convergence efforts

22
Remaining issues semantic efforts

• Immaturity of the most important of dimensions of
  SWS
• Immaturity of essential standards supporting
  semantic web and semantic web services
• The importance and efficiency of
  Semantical-enrichment has not yet realized by
  many industries and businesses
• Most important, semantic efforts are progressing
  and are shaping but still semantic web services
  security research and development needs more
  attention and investment from academia and
  industry .

23
Role of OASIS Creating the Concrete for the
road construction

• Standardization of a common service execution
  environment, sets a great starting point for the
  implementation, deployment and most important
  ,convergence of ongoing, existing and future
  semantic works.
• Liaisons with related standardizations and
  industrial consortia
• Clearly, the time to forge a common framework
  based on Semantic interoperability standards and
  e-Business web services standards is now.

Patrick Gannon, CEO and President, OASIS Book
foreword
24
QA

• Question and answer
• Frågar och svara
• question et réponse
• ????? ????
• ?????

25
Thanks!

• Thank you for participating

26
Contact Details

• Nima Dokoohaki
• Solution Architect
• M.Sc in Software Engineering of
• Distributed Systems
• Stockholm
• Sweden
• Mobile46762697630
• Emailnimadokoohaki_at_gmail.com
• Skypenimakth

27
Resources

• Intelligent Web Services (Alun Preece, Stefan
  Decker),IEEE
• http//www.csd.abdn.ac.uk/apreece/research/downlo
  ad/ieeeis2002.pdf
• Approaches to Semantic Web ServicesAn Overiew
  and Comparisons, Cabral et al.
• http//kmi.open.ac.uk/projects/irs/cabralESWS04.pd
  f
• Semantic Web Services, Processes and Applications
  ,Jorge Cardoso, Amit Sheth
• http//dme.uma.pt/jcardoso/Books/Semantic-Web-Serv
  ices-Processes-and-Applications/index.php?file19
• Semantic Driven Solutions
• http//www.plirosoft.ethz.ch/services/BySubject/se
  mdatamining/index_EN

v
28
Resources

• OASIS SEE TC online resources
• http//www.oasis-open.org/committees/tc_home.php?w
  g_abbrevsemantic-ex
• The web services modelling framework.
  Fensel,Bussler
• http//www.swsi.org/resources/wsmf-paper.pdf
• Semantic Web Services Architecture
  RequirementsVersion 1.0 (1 June 2004)
• http//www.daml.org/services/swsa/swsa-requirement
  s.html
• Semantic Policy-based Security Framework for
  Business Processes,Huang
• http//www.csee.umbc.edu/swpw/papers/huang.pdf
• Semantic Descriptions ofWeb Services Security
  Constraints,Huang
• http//iaks-www.ira.uka.de/iaks-calmet/papers/huan
  g06-2.pdf

29
Resources

• Integration of KAoS Policy Services with Semantic
  Web Services,Uszok et al.
• http//iswc2004.semanticweb.org/demos/08/paper.pdf
  
• KAoS Policy Management for Semantic Web
  Services,Uszok et al http//www.aiai.ed.ac.uk/proj
  ect/ix/documents/2004/2004-ieee-is-uszok-kaos.pdf
• Expressing Semantic web services authorization.
  patterson,miller
• http//lsdis.cs.uga.edu/rsp/Expressing20Authori
  zation20for20Semantic20Discovery20of20Web20S
  ervices.ppt
• OASIS and Web Services Standards, Patrick Gannon
• http//www.daml.org/services/swsa/working/oasis-s
  emantic-ws-briefing-040817-JBC.ppt
• Semantic Web Languages for Policy Representation
• and Reasoning A Comparison of KAoS, Rei, and
  Ponder
• http//www.ihmc.us/research/projects/KAoS/FinalIH
  MC_DEIS.pdf

30
Resources

• Integration of KAoS Policy Services with Semantic
  Web Services,Uszok et al.
• http//iswc2004.semanticweb.org/demos/08/paper.pdf
  
• KAoS Policy Management for Semantic Web
  Services,Uszok et al http//www.aiai.ed.ac.uk/proj
  ect/ix/documents/2004/2004-ieee-is-uszok-kaos.pdf
• Expressing Semantic web services authorization.
  patterson,miller
• http//lsdis.cs.uga.edu/rsp/Expressing20Authori
  zation20for20Semantic20Discovery20of20Web20S
  ervices.ppt
• OASIS and Web Services Standards, Patrick Gannon
• http//www.daml.org/services/swsa/working/oasis-s
  emantic-ws-briefing-040817-JBC.ppt
• Semantic Web Languages for Policy Representation
• and Reasoning A Comparison of KAoS, Rei, and
  Ponder
• http//www.ihmc.us/research/projects/KAoS/FinalIH
  MC_DEIS.pdf