Security in Semantic Web Services

Slide 1: Security in Semantic Web Services : Role of Security , Authorization , Privacy and Trust in Semantic Web Nima Dokoohaki OASIS Adoption Forum London 2006

Slide 2: Agenda • Semantic Web Services; Concept and technologies • Role of Semantic Web Services and current position of it • Describing the Security Dimensions in the context of Semantic Web Services • Defining and Describing an adoption model for standards defined in practice

Slide 3: Semantic Web Services • Intelligent Distributed Systems • Syntactic Vs. Semantic Web Services • Impact of lack of semantics; – Lack of machine readability prevents their usage in Complex Business Contexts • Adding rich formal description of Capabilities to Web services, solves this problem allowing them to be consumed and utilized by businesses without human intervention(main goal of bringing semantics to context of web services) • Semantic Web Services (SWS) eliminates this obstacle by adding Web services ,rich formal descriptions of their capabilities, facilitating automated composition, discovery, dynamic binding, and invocation of services within an open environment • Requirememt and Prequisite ; – Emergence and evolution of A semantic execution environment (A real practical presentation of Semantic Web Vision)

Slide 4: Activitie Service Ontology s Pre-condition Selection output Ontology input Deployment Management Cost Discovery Invocation Atomic Service Post-condition Composition SWS Composite Service Publishing Category Register Matchmaker Invoker Decomposer Reasoner Architecture

Slide 6: The main and Original Motivation • Enhance interoperability between heterogeneous information systems • Two majors areas of application: – Enterprise Application Integration (EAI) Connecting separated systems quickly and at low costs; – Business to Business (B2B) Integration, Integration Reducing costs and Enhancing flexibility of cooperation. • Efficiency (Cost and Time) – Human interaction between UDDI and web services , lookup time ; ”Semantics can save time and cost” • Simple maintenance • Promising

Slide 7: Semantics driven solutions; Final Destination,or Next Step? • Semantic Business Services – Making business web based • Bringing the Web services and Semantic Web Services to the next level , to Semantic Business Services or Semantic e- Services • Still a big challenge : – Large Scale Integration that consumes and utilizes multiple web services – Bringing the businesses to their full potential • Semantically enriching is a solution toward appropriate large scale integration

Slide 8: Current frameworks for Semantic Web Services and their orientations • Three Main frameworks for SWS: • IRS-III (The Internet Reasoning Service); • Knowledge Based • OWL-S (OWL-based Web Service Ontology) ; • Agent oriented • WSMF (Web Services Modelling framework) ; • Business oriented • Focusing on a set of ecommerce/ebusiness requirements for Web Services including ”trust and security”.

Slide 9: Current progress; Focus on WSMX • WSMX (Web Services execution environment): – Reference implementation of WSMO. • An execution environment for business application integration, where enhanced web services are integrated for various business applications: – increase business processes automation in a very flexible manner while providing scalable integration solution

Slide 10: OASIS and Semantic works • SEE ( Semantic Execution Environment ) technical committee – Guidelines, Justifications and Implementation directions for an execution environment for Semantic Web services (proposed WSMX). WSMX – SEE is Engineering a standardized globally-recognized architecture of an intelligent distributed system, where semantically-enriched components can be plugged in and executed according to dynamic execution semantics. • A committee focusing on practical ebusiness applications of SWS

Slide 11: OASIS and Semantic works: Progress and deliverables • A brief intro to their past and ongoing work: – Infrastractural work for SWS; Justifications,guidelines and also implementations for semantically-enriched SOA and SWS applications ; • eHealth, • eBanking, • eGovernment services, • GIS ( Geographical Information Systems )

Slide 13: SWS security requirements: Security,Privacy and Trust • Requirements are arising from three kinds of policies : – Security policies – Privacy policies – Trust-based policies • Functional: – Semantically described security policies. – Semantically described privacy policies. – Respecting individual client requirements. • Architectural: – Protocols for publication and description of service security policies and authentication requirements. – Semantic policy evaluation mechanisms. – Semantically controlled policy enforcement. – Trust-based authentication and authorization. – Communication and logging of security evaluation results

Slide 14: Role of OASIS in SWS Security • Fact1:OASIS Security works have the following properties: – Modularity : easier to implement as building block in a solution – Composability : easier solution engineering and maintenance • Fact2: OASIS has the history of converging many industry leading standards • Fact3: OASIS is a globally recognized the scenarios and usecases library • Fact4: ongoing work for semantics and security driven efforts is undergoing within OASIS • Conclusion: OASIS is where all efforts from different directions should and will merge and makeup tommorow’s Industry recognized standards and guidelines for any semantically driven service oriented architecture

Slide 15: Solution: Semantic Policy Framework • semantically-rich policy representations – Human error reduction, – Simplification of policy analysis, – policy conflicts reduction, – Interoperability facilitation • The adoption of a policy grounded-approach for controlling a system requires an appropriate policy representation and the design and development of a policy management framework, realizing the need for a Semantic Policy Framework • Policies will be increasingly important to the real world implementation of Semantic Web Services • Policy ontology is an enabler for Semantic policy framework

Slide 16: adoption of policy Ontologies :pros – Ontology simplifies the task of governing the behavior of complex ,Increasingly dynamic, multi -disciplinary business environments . – Adaptation with several kinds of business and workflow contexts – High-level management requirements – Simplification in many aspects of policy engineering such as policy description, analysis and access

Slide 17: adoption of policy Ontologies :cons • the adoption of Ontologies for policy specification requires addressing some technical difficulties in presentation and implementation; – Semantic web languages used for ontology representation still present a complex description making the code very difficult to read – The gap between the specification and the implementation of policies cannot be completely overcome in an automated manner.

Slide 19: OASIS Web Services Works OASIS Security Standards OASIS Semantics Effort Semantic Execution eGovernments, Semantic Web Businesses, Services Environment Citizens

Slide 20: Semantic Distributed Trust Execution (Web of Trust) Environment Trust Warehouse Distributed Registry (UDDI / ebXML RR) Trust Negotiation Domain Ontology Trust Policy Ontology Negotiator Service Discovery Authorization Service Manager Requester Distibuted Ontology Repository Semantic Web Service Service sends requester’s authorization info to requester Requester’s Semantic Authorization Service Invocation Requirements information

Slide 21: Remaining issues: policy framework obstacles • Approaches toward a common global semantic policy framework have generated divergent solutions ; – best suited for particular ranges of applications – discourage a common approach for all situations • it is still not clear ”why a common approach should succeed for policy specification,presentation and deployment”. – Clearly stating the need for standardization and convergence efforts

Slide 22: Remaining issues: semantic efforts • Immaturity of the most important of dimensions of SWS • Immaturity of essential standards supporting semantic web and semantic web services • The importance and efficiency of Semantical- enrichment has not yet realized by many industries and businesses • Most important, semantic efforts are progressing and are shaping but still semantic web services security research and development needs more attention and investment from academia and industry .

Slide 23: Role of OASIS : Creating the ”Concrete” for the road construction • Standardization of a common service execution environment, sets a great starting point for the implementation, deployment and most important ,convergence of ongoing, existing and future semantic works. • Liaisons with related standardizations and industrial consortia • “Clearly, the time to forge a common framework based on Semantic interoperability standards and e- Business web services standards is now.” Patrick Gannon, CEO and President, OASIS – Book foreword

Slide 24: Q&A • Question and answer – Frågar och svara • question et réponse –‫پرسشو پاسخ‬ »问题和解答

Slide 25: Thanks! • Thank you for participating

Slide 26: Contact Details Nima Dokoohaki Solution Architect M.Sc in Software Engineering of Distributed Systems Stockholm Sweden Mobile:+46762697630 Email:nimadokoohaki@gmail.com Skype:nimakth

Slide 27: Resources 1. Intelligent Web Services (Alun Preece, Stefan Decker),IEEE – http://www.csd.abdn.ac.uk/~apreece/research/down 2. Approaches to Semantic Web Services:An Overiew and Comparisons, Cabral et al. – http://kmi.open.ac.uk/projects/irs/cabralESWS04.pdf 3. Semantic Web Services, Processes and Applications ,Jorge Cardoso, Amit Sheth – http://dme.uma.pt/jcardoso/Books/Semantic-Web-Se 4. Semantic Driven Solutions • http://www.plirosoft.ethz.ch/services/BySubject/sem

Slide 28: Resources 1. OASIS SEE TC online resources • http://www.oasis-open.org/committees/tc_home.php?wg_ 2. The web services modelling framework. Fensel,Bussler • http://www.swsi.org/resources/wsmf-paper.pdf 3. Semantic Web Services Architecture RequirementsVersion 1.0 (1 June 2004) • http://www.daml.org/services/swsa/swsa-requirements.htm 4. Semantic Policy-based Security Framework for Business Processes,Huang • http://www.csee.umbc.edu/swpw/papers/huang.pdf 5. Semantic Descriptions ofWeb Services Security Constraints,Huang – http ://iaks-www.ira.uka.de/iaks-calmet/papers/huang06-2.pdf

Slide 29: Resources 1. Integration of KAoS Policy Services with Semantic Web Services,Uszok et al. • http://iswc2004.semanticweb.org/demos/08/paper.pdf 2. KAoS Policy Management for Semantic Web Services,Uszok et al http ://www.aiai.ed.ac.uk/project/ix/documents/2004/2004-ieee-is-u 3. Expressing Semantic web services authorization. patterson,miller http://lsdis.cs.uga.edu/~rsp/Expressing%20Authorization%20 5. OASIS and Web Services Standards, Patrick Gannon http://www.daml.org/services/swsa/working/oasis-semantic-w 8. Semantic Web Languages for Policy Representation and Reasoning: A Comparison of KAoS, Rei, and Ponder http://www.ihmc.us/research/projects/KAoS/FinalIHMC_DEIS.

Slide 30: Resources 1. Integration of KAoS Policy Services with Semantic Web Services,Uszok et al. • http://iswc2004.semanticweb.org/demos/08/paper.pdf 2. KAoS Policy Management for Semantic Web Services,Uszok et al http ://www.aiai.ed.ac.uk/project/ix/documents/2004/2004-ieee-is-u 3. Expressing Semantic web services authorization. patterson,miller http://lsdis.cs.uga.edu/~rsp/Expressing%20Authorization%20 5. OASIS and Web Services Standards, Patrick Gannon http://www.daml.org/services/swsa/working/oasis-semantic-w 8. Semantic Web Languages for Policy Representation and Reasoning: A Comparison of KAoS, Rei, and Ponder http://www.ihmc.us/research/projects/KAoS/FinalIHMC_DEIS.

Slideshare.net (beta)