The document discusses ontologies in ASSERT4SOA. It aims to use OWL-DL to describe security properties of software services and support comparison of different certificate types. It addresses design questions about the community, domain, and formalism used. An example ontology illustrates representing a certificate, security property, and service model in OWL-DL with properties. Reasoning over the ontology allows mapping certificates to properties, discovering relations, and checking consistency.
This document discusses the SECURE CHANGE project which aims to support software evolution while maintaining security. It proposes a change-driven security engineering process where risk assessment interplays with software development phases. Models are the basic unit of change and concepts are mapped between requirements and risk domains. When a change affects an interface concept, the change is propagated to the other domain. An example shows how a new ATM tool introduction leads to identifying new risks and defining security objectives and requirements in the risk and requirements models.
This document discusses the development of the Privacy Rules Definition Language (PRDL) to create rules addressing privacy concerns in the ENDORSE project. It aims to make privacy terms transparent to users and provide better data protection guarantees. Key challenges include identifying legal requirements and evaluating privacy rules in organizational systems. Example rules are presented along with choices around rule functionality and requirements gathering. The current meta rule model and progress on PRDL are also outlined.
The document discusses using assessment models to improve the usability and security of wireless sensor networks (WSNs). It proposes a model-based approach involving (1) collecting and mapping user security requirements, (2) describing component properties and how they compose, and (3) defining security models to assess whether requirements are satisfied. The approach aims to bridge the gap between users and technical implementation. An example security model uses attack trees to evaluate if attacks can be prevented or don't apply given the system and requirements.
- PoSecCo aims to model services for future internet security requirements from a service provider perspective. It takes into account security requirements from customers, laws/regulations, and suppliers.
- The modeling covers business, IT, and infrastructure layers. At the business layer, it models institutions, business processes, services, and information. At the IT layer, it models IT services and their components, interfaces, and relationships. At the infrastructure layer, it models physical and virtual resources, nodes, and the overall landscape topology.
- The goal is to support service providers by allowing reuse of services via standardized models and tools, while ensuring security policies are appropriately applied across customer instantiations.
The document describes an approach to analytical attack modeling using two main techniques: analytical modeling through generating multi-level attack graphs and service dependencies, and fine-grained modeling and simulation. It then outlines the key components of an attack modeling architecture, including generators for system specifications, attack graphs, and service dependencies, as well as modules for security evaluation, decision support, and interactive visualization.
The document summarizes a workshop organized by the Effectsplus Systems and Networks cluster to discuss different modeling approaches used in projects to assess security and privacy challenges. The workshop aims to identify areas of collaboration, publicly available models, and gaps for future research. The agenda outlines presentations on various modeling techniques from 11 projects on the first day and discussions on collaboration opportunities on the second day.
The document discusses the Trust in Digital Life (TDL) consortium, which aims to stimulate research and development of trustworthy information and communication technology (ICT) solutions. TDL has over 20 members from industry, academia, and government working to set a research agenda. The consortium's goals are to establish an inspiring and self-sustaining community to advance knowledge and collaborative projects, develop an innovative research agenda, enable public funding for related projects, and increase awareness through demonstrations. TDL will measure progress using key performance indicators like adoption rates of e-services and survey scores on consumer trust.
This document discusses the SECURE CHANGE project which aims to support software evolution while maintaining security. It proposes a change-driven security engineering process where risk assessment interplays with software development phases. Models are the basic unit of change and concepts are mapped between requirements and risk domains. When a change affects an interface concept, the change is propagated to the other domain. An example shows how a new ATM tool introduction leads to identifying new risks and defining security objectives and requirements in the risk and requirements models.
This document discusses the development of the Privacy Rules Definition Language (PRDL) to create rules addressing privacy concerns in the ENDORSE project. It aims to make privacy terms transparent to users and provide better data protection guarantees. Key challenges include identifying legal requirements and evaluating privacy rules in organizational systems. Example rules are presented along with choices around rule functionality and requirements gathering. The current meta rule model and progress on PRDL are also outlined.
The document discusses using assessment models to improve the usability and security of wireless sensor networks (WSNs). It proposes a model-based approach involving (1) collecting and mapping user security requirements, (2) describing component properties and how they compose, and (3) defining security models to assess whether requirements are satisfied. The approach aims to bridge the gap between users and technical implementation. An example security model uses attack trees to evaluate if attacks can be prevented or don't apply given the system and requirements.
- PoSecCo aims to model services for future internet security requirements from a service provider perspective. It takes into account security requirements from customers, laws/regulations, and suppliers.
- The modeling covers business, IT, and infrastructure layers. At the business layer, it models institutions, business processes, services, and information. At the IT layer, it models IT services and their components, interfaces, and relationships. At the infrastructure layer, it models physical and virtual resources, nodes, and the overall landscape topology.
- The goal is to support service providers by allowing reuse of services via standardized models and tools, while ensuring security policies are appropriately applied across customer instantiations.
The document describes an approach to analytical attack modeling using two main techniques: analytical modeling through generating multi-level attack graphs and service dependencies, and fine-grained modeling and simulation. It then outlines the key components of an attack modeling architecture, including generators for system specifications, attack graphs, and service dependencies, as well as modules for security evaluation, decision support, and interactive visualization.
The document summarizes a workshop organized by the Effectsplus Systems and Networks cluster to discuss different modeling approaches used in projects to assess security and privacy challenges. The workshop aims to identify areas of collaboration, publicly available models, and gaps for future research. The agenda outlines presentations on various modeling techniques from 11 projects on the first day and discussions on collaboration opportunities on the second day.
The document discusses the Trust in Digital Life (TDL) consortium, which aims to stimulate research and development of trustworthy information and communication technology (ICT) solutions. TDL has over 20 members from industry, academia, and government working to set a research agenda. The consortium's goals are to establish an inspiring and self-sustaining community to advance knowledge and collaborative projects, develop an innovative research agenda, enable public funding for related projects, and increase awareness through demonstrations. TDL will measure progress using key performance indicators like adoption rates of e-services and survey scores on consumer trust.
The Aniketos project aims to help establish and maintain trustworthy and secure behavior in dynamically changing environments of composite services. It develops methods and tool support for the design and runtime composition of secure dynamic services. The project addresses challenges of composite security where individual services may be trustworthy but their composition is not clear. It proposes expressing security and trustworthiness requirements through models and generating security agreements. The Aniketos platform supports security definition, evaluation, monitoring, and adaptation for composite services.
This document discusses visual analytic techniques for representing large datasets to enhance network security. It describes the VIS-SENSE project which involves 6 partners from 4 countries developing tools for analyzing internet threat landscapes. The tools use clustering algorithms and similarity models to group related security events that may share common root causes. Examples are provided of how the tools can analyze rogue antivirus campaigns and relationships between spam botnets.
The document describes SysSec, a 4-year European Network of Excellence working to consolidate research on managing threats and vulnerabilities in the future Internet. SysSec aims to create a proactive research community, advance security research beyond the current reactive state, and establish a virtual center of excellence. Its goals are to anticipate attacks, predict future threats, collaborate with international researchers, and transfer technology to the security industry.
Workshop summary software assurance and trustfcleary
This document summarizes a technical workshop on software assurance and trust that was held by the Cloud & Services Cluster. The objectives of the workshop were to identify areas of collaboration between projects, publicly available models that could be reused, and gaps in existing approaches. The agenda included presentations from six European projects on topics like security SLAs, auditing, monitoring, and user-centered approaches to trust. Results included the potential for a joint paper and follow-up inter-project meetings on topics such as security SLAs and auditing.
The document discusses the Cyber Security Modeling Language (CySeMoL) tool developed by the VIKING project. The tool allows users to model their system architecture, visualize potential attacks, and calculate success probabilities of attacks. It consolidates security theory to identify the most important factors that influence attack success. The tool is currently being tested in real-life cases and the developers are seeking collaboration to improve the modeling language, calculation engine, and data collection capabilities.
This document provides an overview of the uTRUSTit project, which aims to develop usable trust in the Internet of Things. It introduces several smart home and office scenarios involving IoT devices. It then describes personas that were developed to represent different types of users. Focus groups were conducted to identify user requirements for trust and privacy. Examples of requirements include providing feedback on third party data access and having consistent user interfaces across devices. The outlook discusses further research needs in complexity reduction, trust modeling, and understanding user mental models of IoT systems.
The document describes the Virtual City Simulator (ViCiSi), which dynamically assesses societal costs related to outages in critical infrastructure. ViCiSi creates activity profiles for societies to model how an outage would decrease economic activity. It also contains virtual representations of electrical grids, buildings, streets and other infrastructure to simulate restoration of power and society after an outage. ViCiSi uses real economic and population statistics for EU countries as inputs to make the virtual society representative.
The document outlines a framework for a research roadmap on trust and security. It discusses establishing a framework to examine changes, vision, challenges, and solutions for trust and security. It also addresses gathering workshop output, key questions around structuring the full roadmap, and next steps.
1. PoSecCo security models provide complete knowledge of an auditee's infrastructure, technologies, policies and configurations.
2. This detailed information can be used to develop standardized, automatable audit programs by mapping auditee policies to technical configurations.
3. During audit execution, technical evidence can be automatically retrieved and checks can be executed to provide assurance and increase efficiency of the audit process.
This document outlines the goals and structure of the NESSoS Network of Excellence on Engineering Secure Future Internet Software Services and Systems. The key goals are to create a long-lasting research community, integrate partner research agendas and tools, and spread excellence through education and training. The network brings together experts from 13 organizations across Europe to conduct research on secure software engineering, architectures, programming, and risk/cost-aware development processes. Integration activities include a virtual research lab and tool workbench. Research focuses on security requirements, architectures, programming, assurance, and application scenarios. Spread of excellence activities encompass education, training, dissemination and standardization.
The document summarizes a workshop on models held by the EFFECTS+ Systems & Networks Cluster. The workshop aimed to identify publicly available models, areas of collaboration between projects, and gaps in existing approaches. Presentations covered various modeling approaches from different projects. Results included plans to classify models, publish a survey, hold follow-up meetings, and initiate specific multilateral cooperations between projects in areas like SCADA systems, privacy, services, and security evaluation.
Nicoletta Fornara and Fabio Marfia | Modeling and Enforcing Access Control Ob...semanticsconference
This document discusses modeling and enforcing access control obligations for SPARQL-DL queries. It proposes an approach using formal specifications of obligations to define fine-grained access control for inferred data in OWL 2 DL ontologies. An obligation enforcement module sits as a middle layer, rewriting queries before execution and enforcing obligations on results by modifying returned data based on obligation definitions. The approach allows complex queries while protecting inferred data through reasoning about access control conditions.
Semantic Web: Technolgies and Applications for Real-WorldAmit Sheth
Amit Sheth and Susie Stephens, "Semantic Web: Technolgies and Applications for Real-World," Tutorial at 2007 World Wide Web Conference, Banff, Canada.
Tutorial discusses technologies and deployed real-world applications through 2007.
Tutorial description at: http://www2007.org/tutorial-T11.php
Metadata for Terminology / KOS ResourcesMarcia Zeng
1. Why do we need metadata for terminology resources? 2. What do we need to know about a terminology resource? 3. Is there a standardized set of metadata elements for terminology resources?-- a presentation at the "New Dimensions in Knowledge Organization Systems", a Joint NKOS/ CENDI Workshop, World Bank, Washington, DC. September 11, 2008 http://nkos.slis.kent.edu/2008workshop/NKOS-CENDI2008.htm
Infrastructure and Workflow for the Formal Evaluation of Semantic Search Tech...Stuart Wrigley
This paper describes an infrastructure for the automated evaluation of semantic technologies and, in particular, semantic search technologies. For this purpose, we present an evaluation framework which follows a service-oriented approach for evaluating semantic technologies and uses the Business Process Execution Language (BPEL) to define evaluation workflows that can be executed by process engines. This framework supports a variety of evaluations, from different semantic areas, including search, and is extendible to new evaluations. We show how BPEL addresses this diversity as well as how it is used to solve specific challenges such as heterogeneity, error handling and reuse.
Presented at Data infrastructurEs for Supporting Information Retrieval Evaluation (DESIRE 2011) Workshop, Co-located with CIKM 2011, the 20th ACM Conference on Information and Knowledge Management
Friday 28th October 2011, Glasgow, UK
http://www.promise-noe.eu/events/desire-2011/
Ontology Building and its Application using HozoKouji Kozaki
The document provides information about an upcoming tutorial on ontology building and its applications using the Hozo ontology development tool. The tutorial will take place on November 9th, 2014 in Chiang Mai, Thailand and will cover how to build ontologies using Hozo, some characteristic functions of Hozo, and examples of ontology-based application developments. The tutorial agenda outlines the topics to be covered in each time block, including hands-on experience building ontologies with Hozo.
The document discusses the concept of service-oriented science and describes several key aspects:
1) People can create services (data, code, instruments), discover and decide whether to use existing services, and compose services to create new functions.
2) Services are hosted by "someone else" so individuals do not need expertise in operating services and computers. It is hoped this entity can manage security, reliability, and scalability.
3) Discovery, composition, publishing, and hosting of services are important aspects that enable service-oriented science. Standards, registries, tagging, and social networks help with discovery, while workflows, containers, and dynamic provisioning support composition and hosting at scale.
The document discusses sharing knowledge organization system (KOS) metadata using RSS formats. It proposes defining a simple KOS metadata standard using existing namespaces and making KOS available online through RSS feeds and web services in multiple formats like SKOS. This will allow for decentralized access to KOS through RSS aggregators that can filter and search across different KOS domains.
Integrating a Domain Ontology Development Environment and an Ontology Search ...Takeshi Morita
In order to reduce the cost of building domain ontologies manually, in this paper, we propose a method and a tool named DODDLE-OWL for domain ontology construction reusing texts and existing ontologies extracted by an ontology search engine: Swoogle. In the experimental evaluation, we applied the method to a particular field of law and evaluated the acquired ontologies.
Integration of Domain-Specific and Domain-Independent Ontologies for Colonosc...Jie Bao
The document discusses the integration of a domain-specific ontology (MST) and a domain-independent video ontology to enable annotation of colonoscopy videos. The MST ontology contains terminology for colonoscopy reports. The video ontology represents the semantic structure and attributes of videos. The two ontologies are integrated by linking domain terms to video entities. The combined integrated ontology for video annotation (IOVA) represented in OWL enables flexible indexing, retrieval and knowledge discovery from colonoscopy video data.
Epistenet: Facilitating Programmatic Access & Processing of Semantically Rela...Sauvik Das
Effective use of personal data is a core utility of modern smartphones. On Android, several challenges make developing compelling personal data applications difficult. First, personal data is stored in isolated silos. Thus, relationships between data from different providers are missing, data must be queried by source of origin rather than meaning and the persistence of different types of data differ greatly. Second, interfaces to these data are inconsistent and complex. In turn, developers are forced to interleave SQL with Java boilerplate, resulting in error- prone code that does not generalize. Our solution is Epistenet: a toolkit that (1) unifies the storage and treatment of mobile personal data; (2) preserves relationships between disparate data; (3) allows for expressive queries based on the meaning of data rather than its source of origin (e.g., one can query for all communications with John while at the park); and, (4) provides a simple, native query interface to facilitate development.
The Aniketos project aims to help establish and maintain trustworthy and secure behavior in dynamically changing environments of composite services. It develops methods and tool support for the design and runtime composition of secure dynamic services. The project addresses challenges of composite security where individual services may be trustworthy but their composition is not clear. It proposes expressing security and trustworthiness requirements through models and generating security agreements. The Aniketos platform supports security definition, evaluation, monitoring, and adaptation for composite services.
This document discusses visual analytic techniques for representing large datasets to enhance network security. It describes the VIS-SENSE project which involves 6 partners from 4 countries developing tools for analyzing internet threat landscapes. The tools use clustering algorithms and similarity models to group related security events that may share common root causes. Examples are provided of how the tools can analyze rogue antivirus campaigns and relationships between spam botnets.
The document describes SysSec, a 4-year European Network of Excellence working to consolidate research on managing threats and vulnerabilities in the future Internet. SysSec aims to create a proactive research community, advance security research beyond the current reactive state, and establish a virtual center of excellence. Its goals are to anticipate attacks, predict future threats, collaborate with international researchers, and transfer technology to the security industry.
Workshop summary software assurance and trustfcleary
This document summarizes a technical workshop on software assurance and trust that was held by the Cloud & Services Cluster. The objectives of the workshop were to identify areas of collaboration between projects, publicly available models that could be reused, and gaps in existing approaches. The agenda included presentations from six European projects on topics like security SLAs, auditing, monitoring, and user-centered approaches to trust. Results included the potential for a joint paper and follow-up inter-project meetings on topics such as security SLAs and auditing.
The document discusses the Cyber Security Modeling Language (CySeMoL) tool developed by the VIKING project. The tool allows users to model their system architecture, visualize potential attacks, and calculate success probabilities of attacks. It consolidates security theory to identify the most important factors that influence attack success. The tool is currently being tested in real-life cases and the developers are seeking collaboration to improve the modeling language, calculation engine, and data collection capabilities.
This document provides an overview of the uTRUSTit project, which aims to develop usable trust in the Internet of Things. It introduces several smart home and office scenarios involving IoT devices. It then describes personas that were developed to represent different types of users. Focus groups were conducted to identify user requirements for trust and privacy. Examples of requirements include providing feedback on third party data access and having consistent user interfaces across devices. The outlook discusses further research needs in complexity reduction, trust modeling, and understanding user mental models of IoT systems.
The document describes the Virtual City Simulator (ViCiSi), which dynamically assesses societal costs related to outages in critical infrastructure. ViCiSi creates activity profiles for societies to model how an outage would decrease economic activity. It also contains virtual representations of electrical grids, buildings, streets and other infrastructure to simulate restoration of power and society after an outage. ViCiSi uses real economic and population statistics for EU countries as inputs to make the virtual society representative.
The document outlines a framework for a research roadmap on trust and security. It discusses establishing a framework to examine changes, vision, challenges, and solutions for trust and security. It also addresses gathering workshop output, key questions around structuring the full roadmap, and next steps.
1. PoSecCo security models provide complete knowledge of an auditee's infrastructure, technologies, policies and configurations.
2. This detailed information can be used to develop standardized, automatable audit programs by mapping auditee policies to technical configurations.
3. During audit execution, technical evidence can be automatically retrieved and checks can be executed to provide assurance and increase efficiency of the audit process.
This document outlines the goals and structure of the NESSoS Network of Excellence on Engineering Secure Future Internet Software Services and Systems. The key goals are to create a long-lasting research community, integrate partner research agendas and tools, and spread excellence through education and training. The network brings together experts from 13 organizations across Europe to conduct research on secure software engineering, architectures, programming, and risk/cost-aware development processes. Integration activities include a virtual research lab and tool workbench. Research focuses on security requirements, architectures, programming, assurance, and application scenarios. Spread of excellence activities encompass education, training, dissemination and standardization.
The document summarizes a workshop on models held by the EFFECTS+ Systems & Networks Cluster. The workshop aimed to identify publicly available models, areas of collaboration between projects, and gaps in existing approaches. Presentations covered various modeling approaches from different projects. Results included plans to classify models, publish a survey, hold follow-up meetings, and initiate specific multilateral cooperations between projects in areas like SCADA systems, privacy, services, and security evaluation.
Nicoletta Fornara and Fabio Marfia | Modeling and Enforcing Access Control Ob...semanticsconference
This document discusses modeling and enforcing access control obligations for SPARQL-DL queries. It proposes an approach using formal specifications of obligations to define fine-grained access control for inferred data in OWL 2 DL ontologies. An obligation enforcement module sits as a middle layer, rewriting queries before execution and enforcing obligations on results by modifying returned data based on obligation definitions. The approach allows complex queries while protecting inferred data through reasoning about access control conditions.
Semantic Web: Technolgies and Applications for Real-WorldAmit Sheth
Amit Sheth and Susie Stephens, "Semantic Web: Technolgies and Applications for Real-World," Tutorial at 2007 World Wide Web Conference, Banff, Canada.
Tutorial discusses technologies and deployed real-world applications through 2007.
Tutorial description at: http://www2007.org/tutorial-T11.php
Metadata for Terminology / KOS ResourcesMarcia Zeng
1. Why do we need metadata for terminology resources? 2. What do we need to know about a terminology resource? 3. Is there a standardized set of metadata elements for terminology resources?-- a presentation at the "New Dimensions in Knowledge Organization Systems", a Joint NKOS/ CENDI Workshop, World Bank, Washington, DC. September 11, 2008 http://nkos.slis.kent.edu/2008workshop/NKOS-CENDI2008.htm
Infrastructure and Workflow for the Formal Evaluation of Semantic Search Tech...Stuart Wrigley
This paper describes an infrastructure for the automated evaluation of semantic technologies and, in particular, semantic search technologies. For this purpose, we present an evaluation framework which follows a service-oriented approach for evaluating semantic technologies and uses the Business Process Execution Language (BPEL) to define evaluation workflows that can be executed by process engines. This framework supports a variety of evaluations, from different semantic areas, including search, and is extendible to new evaluations. We show how BPEL addresses this diversity as well as how it is used to solve specific challenges such as heterogeneity, error handling and reuse.
Presented at Data infrastructurEs for Supporting Information Retrieval Evaluation (DESIRE 2011) Workshop, Co-located with CIKM 2011, the 20th ACM Conference on Information and Knowledge Management
Friday 28th October 2011, Glasgow, UK
http://www.promise-noe.eu/events/desire-2011/
Ontology Building and its Application using HozoKouji Kozaki
The document provides information about an upcoming tutorial on ontology building and its applications using the Hozo ontology development tool. The tutorial will take place on November 9th, 2014 in Chiang Mai, Thailand and will cover how to build ontologies using Hozo, some characteristic functions of Hozo, and examples of ontology-based application developments. The tutorial agenda outlines the topics to be covered in each time block, including hands-on experience building ontologies with Hozo.
The document discusses the concept of service-oriented science and describes several key aspects:
1) People can create services (data, code, instruments), discover and decide whether to use existing services, and compose services to create new functions.
2) Services are hosted by "someone else" so individuals do not need expertise in operating services and computers. It is hoped this entity can manage security, reliability, and scalability.
3) Discovery, composition, publishing, and hosting of services are important aspects that enable service-oriented science. Standards, registries, tagging, and social networks help with discovery, while workflows, containers, and dynamic provisioning support composition and hosting at scale.
The document discusses sharing knowledge organization system (KOS) metadata using RSS formats. It proposes defining a simple KOS metadata standard using existing namespaces and making KOS available online through RSS feeds and web services in multiple formats like SKOS. This will allow for decentralized access to KOS through RSS aggregators that can filter and search across different KOS domains.
Integrating a Domain Ontology Development Environment and an Ontology Search ...Takeshi Morita
In order to reduce the cost of building domain ontologies manually, in this paper, we propose a method and a tool named DODDLE-OWL for domain ontology construction reusing texts and existing ontologies extracted by an ontology search engine: Swoogle. In the experimental evaluation, we applied the method to a particular field of law and evaluated the acquired ontologies.
Integration of Domain-Specific and Domain-Independent Ontologies for Colonosc...Jie Bao
The document discusses the integration of a domain-specific ontology (MST) and a domain-independent video ontology to enable annotation of colonoscopy videos. The MST ontology contains terminology for colonoscopy reports. The video ontology represents the semantic structure and attributes of videos. The two ontologies are integrated by linking domain terms to video entities. The combined integrated ontology for video annotation (IOVA) represented in OWL enables flexible indexing, retrieval and knowledge discovery from colonoscopy video data.
Epistenet: Facilitating Programmatic Access & Processing of Semantically Rela...Sauvik Das
Effective use of personal data is a core utility of modern smartphones. On Android, several challenges make developing compelling personal data applications difficult. First, personal data is stored in isolated silos. Thus, relationships between data from different providers are missing, data must be queried by source of origin rather than meaning and the persistence of different types of data differ greatly. Second, interfaces to these data are inconsistent and complex. In turn, developers are forced to interleave SQL with Java boilerplate, resulting in error- prone code that does not generalize. Our solution is Epistenet: a toolkit that (1) unifies the storage and treatment of mobile personal data; (2) preserves relationships between disparate data; (3) allows for expressive queries based on the meaning of data rather than its source of origin (e.g., one can query for all communications with John while at the park); and, (4) provides a simple, native query interface to facilitate development.
ONTOLOGY VISUALIZATION PROTÉGÉ TOOLS – A REVIEWijait
The document discusses ontology visualization tools in Protégé. It reviews four main visualization methods used in Protégé tools: indented list, node-link and tree, zoomable, and focus+context. It then examines specific Protégé tools that use each method, including their key features and limitations. The tools discussed are Protégé Class Browser (indented list), Protégé OntoViz and OntoSphere (node-link and tree), Jambalaya (zoomable), and Protégé TGVizTab (focus+context). The document aims to categorize the characteristics of existing Protégé visualization tools to assist in method selection and promote future research.
ONTOLOGY VISUALIZATION PROTÉGÉ TOOLS – A REVIEW ijait
The document discusses ontology visualization tools in Protégé. It reviews four main visualization methods used in Protégé tools: indented list, node-link and tree, zoomable, and focus+context. It then examines specific Protégé tools that use each method, including their key features and limitations. The tools assessed are Protégé Class Browser (indented list), Protégé OntoViz and OntoSphere (node-link and tree), Jambalaya (zoomable), and Protégé TGVizTab (focus+context). The document concludes by summarizing and comparing the visualization characteristics of these Protégé tools.
247th ACS Meeting: Experiment Markup Language (ExptML)Stuart Chalk
To integrate science into the semantic web it is important to capture the context of research as it is done. ExptML is designed to store information and workflows from the scientific process.
Elasticsearch is a distributed, RESTful, free and open source search engine based on Apache Lucene. It allows for fast full text searches across large volumes of data. Documents are indexed in Elasticsearch to build an inverted index that allows for fast keyword searches. The index maps words or numbers to their locations in documents for fast retrieval. Elasticsearch uses Apache Lucene to create and manage the inverted index.
The document discusses using ontology to enhance management of operating system services. It proposes an ontology-based architecture to classify and organize various operating system services. The architecture divides services into the kernel and exokernel layers. Individual service ontologies are developed for search, backup, security, and networking and then merged into a universal ontology. This approach aims to improve service development, deployment and management by adding semantics and enabling knowledge sharing and reusability across operating systems.
Semantic Web in Action: Ontology-driven information search, integration and a...Amit Sheth
Amit Sheth's Keynote talk given at: “Semantic Web in Action: Ontology-driven information search, integration and analysis,” Net Object Days 2003 and MATES03, Erfurt, Germany, September 23, 2003. http://knoesis.org
Note: slides 51-55 have audio.
Previewing OWL Changes and Refactorings Using a Flexible XML DatabaseChristoph Lange
The document discusses using a flexible XML database called TNTBase to preview changes and refactorings to ontologies. TNTBase allows editing ontologies through "virtual documents" that define editable XML views of ontology content. This enables refactoring ontologies by previewing the effects of changes like extracting subclasses into a new module before making the changes live. The document provides examples of refactoring an ontology in this way and describes the underlying library functions that power the refactoring previews.
The document describes an ontology evolution process for classifying web services. It uses three techniques - TF/IDF, web context extraction, and free text descriptor verification - to analyze web service descriptions and automatically generate concepts and relationships for the ontology. TF/IDF and web context extraction are used to identify significant concepts from the descriptions. The free text descriptor is then used to validate these concepts and resolve any conflicts with the existing ontology. The combined approach aims to accurately define and evolve the ontology over time as new web services are added.
This document summarizes the objectives and proceedings of the 2nd Effectsplus Cluster event held in Amsterdam on July 4-5, 2011. 22 research projects attended to discuss collaboration opportunities in two parallel workshops on systems/networks models and services/cloud trust and assurance. The event aimed to identify areas for collaboration, publicly available examples, and gaps for future research. Presentations were given on several projects to promote awareness, including the BIC project which coordinates international cooperation on trustworthy ICT between the EU and countries like Brazil, India and South Africa.
The document discusses assessment models to improve the usability of security in wireless sensor networks. It presents a model-based approach to security assessment that involves (1) collecting and mapping user requirements, (2) describing component and system attributes, and (3) defining security models. The goal is to bridge the gap between application needs and technological capabilities by enabling non-experts to assess security.
The document discusses collaborative security for protecting financial critical infrastructures. It describes how financial institutions are increasingly exposed to coordinated cyber attacks. It then introduces the CoMiFin platform, which uses semantic rooms to allow financial organizations to collaboratively monitor for threats, detect fraud, and share threat information in real time. Key features of the CoMiFin platform include its use of private and public cloud deployments, its complex event processing capabilities through tools like AGILIS and Esper, and its semantic rooms for detecting specific attacks like stealthy port scanning and correlating fraud events across organizations. The platform has received several awards and has been evaluated positively by major financial organizations for its potential business value.
Jim Clarke from the Waterford Institute of Technology presented on the EU BIC project, which aims to build international cooperation in trustworthy ICT through workshops with countries like Brazil, India, and South Africa to develop research priorities and involve stakeholders. The project seeks to provide input for future research programs, establish an international advisory group, and build an international community through activities over the next 12 months.
The document argues that as homes and vehicles become certified, consumers should also seek out certified services. It suggests that as people's lives involve more certified products and systems, they should be wary of using uncertified services due to security and reliability concerns. Certification provides assurances that certified entities meet standards.
This document proposes a general framework for security-aware analysis of services using semirings. It outlines how business processes can be transformed into trees and then modeled as semirings to analyze them using different security metrics like risk, probability of attacks, trust, and latency. This uniform approach allows selecting the best process, aggregating metric values, and performing various types of analyses. Future work areas include improving the modeling to handle non-deterministic choices, considering additional metrics and analysis types, and investigating interoperability between metrics.
This document outlines the agenda for the Effectsplus 2nd Technical Cluster Meeting held on July 4th and 5th in Amsterdam. The agenda includes welcome remarks, presentations on various Effectsplus clusters, parallel breakout sessions for two clusters, and a wrap-up plenary session. Day 1 focuses on cluster workshops and a strategy board meeting. Day 2 continues the cluster workshops, includes a security roadmapping presentation and a research project analysis, before concluding with closing remarks. The document provides logistical details for the event across its five pages.
Philippine Edukasyong Pantahanan at Pangkabuhayan (EPP) CurriculumMJDuyan
(𝐓𝐋𝐄 𝟏𝟎𝟎) (𝐋𝐞𝐬𝐬𝐨𝐧 𝟏)-𝐏𝐫𝐞𝐥𝐢𝐦𝐬
𝐃𝐢𝐬𝐜𝐮𝐬𝐬 𝐭𝐡𝐞 𝐄𝐏𝐏 𝐂𝐮𝐫𝐫𝐢𝐜𝐮𝐥𝐮𝐦 𝐢𝐧 𝐭𝐡𝐞 𝐏𝐡𝐢𝐥𝐢𝐩𝐩𝐢𝐧𝐞𝐬:
- Understand the goals and objectives of the Edukasyong Pantahanan at Pangkabuhayan (EPP) curriculum, recognizing its importance in fostering practical life skills and values among students. Students will also be able to identify the key components and subjects covered, such as agriculture, home economics, industrial arts, and information and communication technology.
𝐄𝐱𝐩𝐥𝐚𝐢𝐧 𝐭𝐡𝐞 𝐍𝐚𝐭𝐮𝐫𝐞 𝐚𝐧𝐝 𝐒𝐜𝐨𝐩𝐞 𝐨𝐟 𝐚𝐧 𝐄𝐧𝐭𝐫𝐞𝐩𝐫𝐞𝐧𝐞𝐮𝐫:
-Define entrepreneurship, distinguishing it from general business activities by emphasizing its focus on innovation, risk-taking, and value creation. Students will describe the characteristics and traits of successful entrepreneurs, including their roles and responsibilities, and discuss the broader economic and social impacts of entrepreneurial activities on both local and global scales.
A Visual Guide to 1 Samuel | A Tale of Two HeartsSteve Thomason
These slides walk through the story of 1 Samuel. Samuel is the last judge of Israel. The people reject God and want a king. Saul is anointed as the first king, but he is not a good king. David, the shepherd boy is anointed and Saul is envious of him. David shows honor while Saul continues to self destruct.
Gender and Mental Health - Counselling and Family Therapy Applications and In...PsychoTech Services
A proprietary approach developed by bringing together the best of learning theories from Psychology, design principles from the world of visualization, and pedagogical methods from over a decade of training experience, that enables you to: Learn better, faster!
How Barcodes Can Be Leveraged Within Odoo 17Celine George
In this presentation, we will explore how barcodes can be leveraged within Odoo 17 to streamline our manufacturing processes. We will cover the configuration steps, how to utilize barcodes in different manufacturing scenarios, and the overall benefits of implementing this technology.
Temple of Asclepius in Thrace. Excavation resultsKrassimira Luka
The temple and the sanctuary around were dedicated to Asklepios Zmidrenus. This name has been known since 1875 when an inscription dedicated to him was discovered in Rome. The inscription is dated in 227 AD and was left by soldiers originating from the city of Philippopolis (modern Plovdiv).
1. Ontologies in ASSERT4SOA
D. Presenza (ENG)
D. Presenza (ENG)
July 4, 2011- Amsterdam
July 4, 2011- Amsterdam
2. Outline
ASSERT Ontology & Design Questions
the Community
the Domain
the Formalism
the Structure
An ASSERT-O Example
Reasoning support
Conclusions
2 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
3. Ontologies in ASSERT4SOA
ASSERT4SOA is investigating the use of OWL-DL to deliver
an ontology aimed to:
describe security properties of software services. (Objective 1)
support the interoperability and comparison of the different
kinds of certificate managed by the ASSERT4SOA software
framework (Objective 2)
3 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
4. Design Questions
“An ontology is a formal explicit specification of a shared
conceptualization of a domain.” [Gruber 1993]
Community (who is going to share it?)
Domain (what is being conceptualised?)
Formalism (which formalism for it?)
4 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
5. ASSERT Ontology who: the Community
Service Certification
Counsumers Authorities
ASSERT4SOA
Ontology
Service
Evaluation Providers
Bodies
5 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
6. ASSERT Ontology what: the Domain
ASSERT
about certifies
Web Service Security Property
proof
Web Service Model
6 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
7. ASSERT Ontology what: the Domain (SotA)
Semantic Web Services technologies
OWL-S
WSMO
SAWSDL
…
Security Ontologies defining Security Objectives (a.k.a .
Properties)
Naval Research Laboratory (NRL) Security Ontology [Kim et al. 2005]
Information Security Ontology [Herzog et al. 2007]
SecurityOntology [Fenz & Ekelhart 2009]
…
Certification & Accreditation Ontologies
DISTCAP Problem Domain Ontology (PDO) [Lee et al. 2006]
Common Criteria (CC) Ontology [Ekelhart et al. 2007]
…
7 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
8. ASSERT Ontology how: the Formalism
OWL 2 is a class of languages (OWL 2 Full, OWL 2 DL)
defined by W3C to formalise ontologies.
OWL 2 DL semantic is an extension of SROIQ description
logic.
Datatypes and punning
OWL 2 DL, as many Description Logics (DLs), is a decidable
fragment of First Order Logic (FOL):
Class Expression Satisfiability
Class Expression Subsumption (is a concept a subset of another
concept ?)
Instance Checking (is a particular instance a member of a given
concept ?)
Boolean Conjunctive Query Answering
8 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
9. ASSERT4SOA Ontology: structure
General Terms/Concepts
ASSERT4SOA Top Ontology e.g. Event, Document,
Actor, Time-Span, …
ASSERT-E ASSERT-O ASSERT-M ASSERT-* specific
Ontology Ontology Ontology Terms/Concepts
e.g. Test Unit, Role, Agent, …
ASSERT-*
Certificate instances
WP3 Objective 2
WP3 Objective 1
9 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
10. ASSERT4SOA Ontology: structure
ASSERT4SOA Top Ontology
General Terms/Concepts
e.g. Event, Document, Actor, Time-Span, …
Open CYC 2 (OWL-DL)
WS-
WSDL CC A4S FL
Policy
10 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
11. Ontology-base Certificate (ASSERT-O): an Example
Web Service
ClassAssertion( :certificateXYZ :ASSERT_O)
ObjectPropertyAssertion( :scheme :certificateXYZ :CommonCriteriaCertificate)
ObjectPropertyAssertion( :about :certificateXYZ :remoteSecureStorage)
Security Property Assertion
ClassAssertion( :remoteSecureStorage :AuthenticityPreservingSystem)
Service/System Model
ObjectPropertyAssertion( :hasRole :remoteSecureStorage :R1)
ObjectPropertyAssertion( :hasRole :remoteSecureStorage :R2)
ObjectPropertyAssertion( :trusts :R1 :R2)
ObjectPropertyAssertion( :performs :R1 :A)
ObjectPropertyAssertion( :performs :R2 :B)
ObjectPropertyAssertion( :precedes :A :B)
…
11 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
12. ASSERT-O: an Example
Web Service
ClassAssertion( :certificateXYZ :ASSERT_O)
ObjectPropertyAssertion( :scheme :certificateXYZ :CommonCriteriaCertificate)
ObjectPropertyAssertion( :about :certificateXYZ :remoteSecureStorage)
Security Property Assertion
ClassAssertion( :remoteSecureStorage :AuthenticityPreservingSystem)
Security Property described as
OWL-DL Class
Service/System Model within the ASSERT-O Ontology
ObjectPropertyAssertion( :hasRole :remoteSecureStorage :R1)
ObjectPropertyAssertion( :hasRole :remoteSecureStorage :R2)
ObjectPropertyAssertion( :trusts :R1 :R2)
ObjectPropertyAssertion( :performs :R1 :A)
ObjectPropertyAssertion( :performs :R2 :B)
ObjectPropertyAssertion( :precedes :A :B)
…
12 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
13. ASSERT-O: an Example
Web Service
ClassAssertion( :certificateXYZ :ASSERT_O)
ObjectPropertyAssertion( :scheme :certificateXY :CommonCriteriaCertificate)
ObjectPropertyAssertion( :about :certificateXYZ :remoteSecureStorage)
Security Property Assertion
ClassAssertion( :remoteSecureStorage :AuthenticityPreservingSystem)
Service/System Model
ObjectPropertyAssertion( :hasRole :remoteSecureStorage :R1)
ObjectPropertyAssertion( :hasRole :remoteSecureStorage :R2)
ObjectPropertyAssertion( :trusts :R1 :R2)
ObjectPropertyAssertion( :performs :R1 :A)
ObjectPropertyAssertion( :performs :R2 :B)
ObjectPropertyAssertion( :precedes :A :B)
OWL-DL description of Web Service (i.e. remoteSecureStorage)
13 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
14. ASSERT-O: an Example
Web Service
ClassAssertion( :certificateXYZ :ASSERT_O)
ClassAssertion( :certificateXYZ :CommonCriteriaCertificate)
ObjectPropertyAssertion( :about :certificateXYZ :remoteSecureStorage)
Security Property Assertion
ClassAssertion( :remoteSecureStorage :AuthenticityPreservingSystem)
Service/System Model
ObjectPropertyAssertion( :hasRole :remoteSecureStorage :R1)
ObjectPropertyAssertion( :hasRole :remoteSecureStorage :R2)
ObjectPropertyAssertion( :trusts :R1 :R2)
ObjectPropertyAssertion( :performs :R1 :A)
ObjectPropertyAssertion( :performs :R2 :B)
ObjectPropertyAssertion( :precedes :A :B)
…
OWL-DL Properties described within ASSERT-O Ontology
14 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
15. ASSERT Ontology: Reasoning
ASSERT -* Mapping
(Class Expression Subsumption)
Property Relations Discovery
(Class Expression Subsumption)
ASSERT
about certifies
Web Service Security Property
proof
Model/Property Consistency
(Instance Checking)
Web Service Model
15 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
16. ASSERT Ontology: Reasoning
ASSERT -* Mapping
(Class Expression Subsumption)
Objective 2 Property Relations Discovery
(Class Expression Subsumption)
ASSERT
about certifies
Web Service Security Property
proof
Objective 1
Model/Property Consistency
(Instance Checking)
Web Service Model
16 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
17. ASSERT Ontology: Lifecycle
Web Service ASSERT Security Property
about certifies
proof provides
Security pattern
Control
Security
structure Pattern
Web Service Model
17 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
18. ASSERT Ontology: Contributors
Web Service ASSERT Security Property
about certifies
proof provides
Security pattern
Control
Security
structure Pattern
Web Service Model
18 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
19. Conclusions
ASSERT4SOA is investigating the use of OWL-DL to deliver
an ontology aimed to:
describe security properties of software services. (Objective 1)
support the interoperability and comparison of the different
kinds of certificate managed by the ASSERT4SOA software
framework (Objective 2)
Certificates, Security Properties and model of Services
represented by means of OWL-DL class/properties
Use off-the-shelf OWL-DL reasoners to map certificates,
discover relations, check consistency.
19 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
20. End of Presentation
Thank you!
20 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011
21. Backup slide SROIQ & “punning”
“Punning”
ClassAssertion( :Father :John)
ClassAssertion( :SocialRole :Father)
Description languages are distinguished by the
constructs they provide.
S AL: Attributive Language -
C: Negation -
R+: Transitive roles (predicates) “hasAncestor”
R Intersection of Roles (predicates)
O one-of The class MyBirthDayGuests contains only Bill,
John, Mary
I Inverse roles (predicates) Property “hasChild” is ithe nverse of
“hasParent”
Q Qualified number number restriction The class of persons having at least two male
childs
21 j
Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011