Title: Security in Semantic Web Services : Role of Security , Authorization , Privacy and Trust in Semantic
1Security in Semantic Web Services Role of
Security , Authorization , Privacy and Trust in
Semantic Web
OASIS Adoption Forum London 2006
2Agenda
- Semantic Web Services
- Concept and technologies
- Role of Semantic Web Services and current
position of it - Describing the Security Dimensions in the context
of Semantic Web Services - Defining and Describing an adoption model for
standards defined in practice
3Semantic Web Services
- Intelligent Distributed Systems
- Syntactic Vs. Semantic Web Services
- Impact of lack of semantics
- Lack of machine readability prevents their usage
in Complex Business Contexts - Adding rich formal description of Capabilities to
Web services, solves this problem allowing them
to be consumed and utilized by businesses without
human intervention(main goal of bringing
semantics to context of web services) - Semantic Web Services (SWS) eliminates this
obstacle by adding Web services ,rich formal
descriptions of their capabilities, facilitating
automated composition, discovery, dynamic
binding, and invocation of services within an
open environment - Requirememt and Prequisite
- Emergence and evolution of
- A semantic execution environment
- (A real practical presentation of Semantic Web
Vision)
4Activities
Service Ontology
Pre-condition
Selection
output
Ontology Management
input
Deployment
Cost
Discovery
Atomic Service
Invocation
Post-condition
Composition
Composite Service
SWS
Publishing
Category
Register
Matchmaker
Invoker
Reasoner
Decomposer
Architecture
5Agenda
- Semantic Web Services
- Concept and technologies
- Role of Semantic Web Services and current
position of it - Describing the Security Dimensions in the context
of Semantic Web Services - Defining and Describing an adoption model for
standards defined in practice
6The main and Original Motivation
- Enhance interoperability between heterogeneous
information systems - Two majors areas of application
- Enterprise Application Integration (EAI)
- Connecting separated systems quickly and at low
costs - Business to Business (B2B) Integration,
- Reducing costs and Enhancing flexibility of
cooperation. - Efficiency (Cost and Time)
- Human interaction between UDDI and web services ,
lookup time - Semantics can save time and cost
- Simple maintenance
- Promising
7Semantics driven solutionsFinal Destination,or
Next Step?
- Semantic Business Services
- Making business web based
- Bringing the Web services and Semantic Web
Services to the next level , to Semantic Business
Services or Semantic e-Services - Still a big challenge
- Large Scale Integration that consumes and
utilizes multiple web services - Bringing the businesses to their full potential
- Semantically enriching is a solution toward
appropriate large scale integration
8Current frameworks for Semantic Web Services and
their orientations
- Three Main frameworks for SWS
- IRS-III (The Internet Reasoning Service)
- Knowledge Based
- OWL-S (OWL-based Web Service Ontology)
- Agent oriented
- WSMF (Web Services Modelling framework)
- Business oriented
- Focusing on a set of ecommerce/ebusiness
requirements for Web Services including - trust and security.
9Current progress Focus on WSMX
- WSMX (Web Services execution environment)
- Reference implementation of WSMO.
- An execution environment for business application
integration, where enhanced web services are
integrated for various business applications - increase business processes automation in a very
flexible manner while providing scalable
integration solution
10OASIS and Semantic works
- SEE
- ( Semantic Execution Environment ) technical
committee - Guidelines, Justifications and Implementation
directions for an execution environment for
Semantic Web services (proposed WSMX). - SEE is Engineering a standardized
globally-recognized architecture of an
intelligent distributed system, where
semantically-enriched components can be plugged
in and executed according to dynamic execution
semantics. - A committee focusing on practical ebusiness
applications of SWS
11OASIS and Semantic worksProgress and
deliverables
- A brief intro to their past and ongoing work
- Infrastractural work for SWS Justifications,guide
lines and also implementations for
semantically-enriched SOA and SWS applications - eHealth,
- eBanking,
- eGovernment services,
- GIS ( Geographical Information Systems )
12Agenda
- Semantic Web Services
- Concept and technologies
- Role of Semantic Web Services and current
position of it - Describing the Security Dimensions in the context
of Semantic Web Services - Defining and Describing an adoption model for
standards defined in practice
13SWS security requirementsSecurity,Privacy and
Trust
- Requirements are arising from three kinds of
policies - Security policies
- Privacy policies
- Trust-based policies
- Functional
- Semantically described security policies.
- Semantically described privacy policies.
- Respecting individual client requirements.
- Architectural
- Protocols for publication and description of
service security policies and authentication
requirements. - Semantic policy evaluation mechanisms.
- Semantically controlled policy enforcement.
- Trust-based authentication and authorization.
- Communication and logging of security evaluation
results
14Role of OASIS in SWS Security
- Fact1OASIS Security works have the following
properties - Modularity easier to implement as building
block in a solution - Composability easier solution engineering and
maintenance - Fact2 OASIS has the history of converging many
industry leading standards - Fact3 OASIS is a globally recognized the
scenarios and usecases library - Fact4 ongoing work for semantics and security
driven efforts is undergoing within OASIS - Conclusion
- OASIS is where all efforts from different
directions should and will merge and makeup
tommorows Industry recognized standards and
guidelines for any semantically driven service
oriented architecture
15Solution Semantic Policy Framework
- semantically-rich policy representations
- Human error reduction,
- Simplification of policy analysis,
- policy conflicts reduction,
- Interoperability facilitation
- The adoption of a policy grounded-approach for
controlling a system requires an appropriate
policy representation and the design and
development of a policy management framework,
realizing the need for a Semantic Policy
Framework - Policies will be increasingly important to the
real world implementation of Semantic Web
Services - Policy ontology is an enabler for Semantic policy
framework
16adoption of policy Ontologies pros
- Ontology simplifies the task of governing the
behavior of complex ,Increasingly dynamic, multi
-disciplinary business environments . - Adaptation with several kinds of business and
workflow contexts - High-level management requirements
- Simplification in many aspects of policy
engineering such as policy description, analysis
and access
17adoption of policy Ontologies cons
- the adoption of Ontologies for policy
specification requires addressing some technical
difficulties in presentation and implementation - Semantic web languages used for ontology
representation still present a complex
description making the code very difficult to
read - The gap between the specification and the
implementation of policies cannot be completely
overcome in an automated manner.
18Agenda
- Semantic Web Services
- Concept and technologies
- Role of Semantic Web Services and current
position of it - Describing the Security Dimensions in the context
of Semantic Web Services - Defining and Describing an adoption model for
standards defined in practice
19Semantic Web Services
OASIS Web Services Works
OASIS Security Standards
OASIS Semantics Effort
Semantic Execution Environment
eGovernments,Businesses,Citizens
20Semantic Execution Environment
Trust Warehouse
Distributed Trust (Web of Trust)
Distributed Registry (UDDI / ebXML RR)
Trust Negotiation
Domain Ontology
Trust Negotiator
Policy Ontology
Service Discovery
Authorization Manager
Service Requester
Distibuted Ontology Repository
Semantic Web Service
Service sends requesters authorization info to
requester
Requesters Authorization information
Service Invocation
Semantic Requirements
21Remaining issuespolicy framework obstacles
- Approaches toward a common global semantic policy
framework have generated divergent solutions - best suited for particular ranges of applications
- discourage a common approach for all situations
- it is still not clear why a common approach
should succeed for policy specification,presentati
on and deployment. - Clearly stating the need for standardization and
convergence efforts
22Remaining issues semantic efforts
- Immaturity of the most important of dimensions of
SWS - Immaturity of essential standards supporting
semantic web and semantic web services - The importance and efficiency of
Semantical-enrichment has not yet realized by
many industries and businesses - Most important, semantic efforts are progressing
and are shaping but still semantic web services
security research and development needs more
attention and investment from academia and
industry .
23Role of OASIS Creating the Concrete for the
road construction
- Standardization of a common service execution
environment, sets a great starting point for the
implementation, deployment and most important
,convergence of ongoing, existing and future
semantic works. - Liaisons with related standardizations and
industrial consortia - Clearly, the time to forge a common framework
based on Semantic interoperability standards and
e-Business web services standards is now.
Patrick Gannon, CEO and President, OASIS Book
foreword
24QA
- Question and answer
- Frågar och svara
- question et réponse
- ????? ????
- ?????
25Thanks!
- Thank you for participating
26Contact Details
- Nima Dokoohaki
- Solution Architect
- M.Sc in Software Engineering of
- Distributed Systems
- Stockholm
- Sweden
- Mobile46762697630
- Emailnimadokoohaki_at_gmail.com
- Skypenimakth
27Resources
- Intelligent Web Services (Alun Preece, Stefan
Decker),IEEE - http//www.csd.abdn.ac.uk/apreece/research/downlo
ad/ieeeis2002.pdf - Approaches to Semantic Web ServicesAn Overiew
and Comparisons, Cabral et al. - http//kmi.open.ac.uk/projects/irs/cabralESWS04.pd
f - Semantic Web Services, Processes and Applications
,Jorge Cardoso, Amit Sheth - http//dme.uma.pt/jcardoso/Books/Semantic-Web-Serv
ices-Processes-and-Applications/index.php?file19 - Semantic Driven Solutions
- http//www.plirosoft.ethz.ch/services/BySubject/se
mdatamining/index_EN
v
28Resources
- OASIS SEE TC online resources
- http//www.oasis-open.org/committees/tc_home.php?w
g_abbrevsemantic-ex - The web services modelling framework.
Fensel,Bussler - http//www.swsi.org/resources/wsmf-paper.pdf
- Semantic Web Services Architecture
RequirementsVersion 1.0 (1 June 2004) - http//www.daml.org/services/swsa/swsa-requirement
s.html - Semantic Policy-based Security Framework for
Business Processes,Huang - http//www.csee.umbc.edu/swpw/papers/huang.pdf
- Semantic Descriptions ofWeb Services Security
Constraints,Huang - http//iaks-www.ira.uka.de/iaks-calmet/papers/huan
g06-2.pdf
29Resources
- Integration of KAoS Policy Services with Semantic
Web Services,Uszok et al. - http//iswc2004.semanticweb.org/demos/08/paper.pdf
- KAoS Policy Management for Semantic Web
Services,Uszok et al http//www.aiai.ed.ac.uk/proj
ect/ix/documents/2004/2004-ieee-is-uszok-kaos.pdf - Expressing Semantic web services authorization.
patterson,miller - http//lsdis.cs.uga.edu/rsp/Expressing20Authori
zation20for20Semantic20Discovery20of20Web20S
ervices.ppt - OASIS and Web Services Standards, Patrick Gannon
- http//www.daml.org/services/swsa/working/oasis-s
emantic-ws-briefing-040817-JBC.ppt - Semantic Web Languages for Policy Representation
- and Reasoning A Comparison of KAoS, Rei, and
Ponder - http//www.ihmc.us/research/projects/KAoS/FinalIH
MC_DEIS.pdf
30Resources
- Integration of KAoS Policy Services with Semantic
Web Services,Uszok et al. - http//iswc2004.semanticweb.org/demos/08/paper.pdf
- KAoS Policy Management for Semantic Web
Services,Uszok et al http//www.aiai.ed.ac.uk/proj
ect/ix/documents/2004/2004-ieee-is-uszok-kaos.pdf - Expressing Semantic web services authorization.
patterson,miller - http//lsdis.cs.uga.edu/rsp/Expressing20Authori
zation20for20Semantic20Discovery20of20Web20S
ervices.ppt - OASIS and Web Services Standards, Patrick Gannon
- http//www.daml.org/services/swsa/working/oasis-s
emantic-ws-briefing-040817-JBC.ppt - Semantic Web Languages for Policy Representation
- and Reasoning A Comparison of KAoS, Rei, and
Ponder - http//www.ihmc.us/research/projects/KAoS/FinalIH
MC_DEIS.pdf