This document discusses security issues and trust strategies for the semantic web. It begins by outlining five layers of security standards for the semantic web, including XML security, RDF security, and trust mechanisms. It then categorizes models of trust as centralized, distributed, global, or local. Distributed models are further divided into global and local. Examples of trust strategies are provided, including optimistic systems, pessimistic systems, centralized trust systems, trust investigation systems, and transitive trust systems. The presentation concludes with a discussion of the costs associated with different trust strategies.

1. SECURITY IN
SEMANTIC WEB

2. THE PRESENTATION INCLUDE THE FOLLOWING :
▪ Introduction
▪ Security standards for the semantic web
▪ Categorization of models of trust
▪ Trust strategies for the Semantic Web
▪ Conclusion

3. SECURITY STANDARDS FOR THE
SEMANTIC WEB

4. LAYERS FOR THE SECURE SEMANTIC WEB
Layer 1
Layer 2
Layer 3
Layer 4
Layer 5
Logic,Proof,Trust
Secure Ontologies, Secure Semantic Interoperability
RDF Security
XML Security, Secure XML Schemas
Secure TCP/IP, Secure Sockets, Secure HTML , Secure Agents

5. SECURITY STANDARDS FOR THE SEMANTIC WEB
XML security
RDF security
Secure information interoperability
Trust for the semantic web

6. CATEGORIZATION OF MODELS OF TRUST

7. CATEGORIZATION OF MODELS OF TRUST
▪ Centralized model
A centralized node acts as a system manager.
▪ Distributed model
Nodes are responsible for obtaining mutual trust based on their direct interactions.
Distributed models can be divided into :
▪ Global model
▪ Local model

8. CENTRALIZED MODEL
▪ Manager acquires knowledge such as the ratings of
reputation and the precedents of nodes
▪ The manager is responsible for collecting information
from both sides involved in interactions
▪ An agent (a node) only communicates with the
centralized node to collect information about other
node’s reputations
▪ Each node asks the manager to receive trust rating

9. DISTRIBUTED MODEL
▪ In this model there is no centralized system to
govern the reputation The manager is responsible
for collecting information from both sides involved
in interactions
▪ If node A wants to know node B’s reputation, it
has to ask other nodes to evaluate B
▪ Getting trust information about trustee from
network

10. GLOBAL MODEL
▪ This model is based on the degree of popularity of a node in the society
▪ Neighbors of the trustees know them due to their relationships in the past
▪ A node may have had interactions with its neighbors in the past and neighbors have
profiles of their precedents
▪ Voting (aggregating the opinions of neighbors or users)is an example of evaluating
trust ratings
▪ www.eBay.com and www.Amazon.com auctions have a special trust mechanism
▪ Both of these are implemented as a centralized rating system that manages reputation of each user
▪ But on the other hand the calculation of reputation is based on a global method which depends on
the user’s rating

11. LOCAL MODEL
▪ In this model trust is personal and beliefs vary between two people, personalization
should improve the accuracy of the results
▪ Most research reports on trust mechanisms in the semantic web discuss those
algorithms that calculate trust from the personal view
▪ The main idea here is that everybody trusts his/her friend’s belief more than a
stranger’s belief
▪ According to small world hypothesis, any pair of nodes in a random network will be
connected by a relatively short chain of random acquaintances

12. TRUST STRATEGIES FOR THE SEMANTIC
WEB

13. TRUST STRATEGIES FOR THE SEMANTIC WEB
Optimistic Systems
Pessimistic Systems
Centralised Trust Systems
Trust Investigation Systems
Transitive Trust Systems

14. OPTIMISTIC SYSTEMS
▪ Optimistic systems accept others unless there is
reason not to trust
▪ If the benefits of cooperation are relatively large or
the costs of betrayal are relatively small, risk is low,
and the gains from trust massively outweigh the
gains from distrust

15. OPTIMISTIC SYSTEMS IDEA
▪ Optimism is a very simple strategy
▪ Basically it is the idea that an agent will trust another
agent even if its performance is uncertain, unless
there are positive reasons for not trusting it
▪ The basic idea is that trust is the default attitude

16. PESSIMISTIC SYSTEMS
▪ Given a quantity of such information, agents can be ranked
in terms of their reliability
▪ Such systems in effect take a high rank as evidence of
reason for trust; hence in such a system many trustworthy
agents may fail to be trusted

17. PESSIMISTIC SYSTEMS IDEA
▪ Pessimistic strategies restrict interactions with
agents unless there is a reason to trust them
▪ Note that the pessimism corresponds to trust via
personal acquaintance in the offline world, which is
the basic model of trust
▪ Such a model of trust is not often capable of
supporting and underlying very complex societies

18. CENTRALISED TRUST SYSTEMS
▪ It provides them with a formalism for expressing
agreement/disagreement, and the argumentative
stance of the source
▪ This is then used to measure a context-sensitive
evaluation of the source
▪ Relying on centralised institutions to measure trust
takes the burden off the interactive agents when
deciding which agents to trust
▪ One observation made in with respect to eBay is that
users feedback is almost always positive. The authors
note that most people do not like giving negative
feedback, unless revenge is a motivation

19. CENTRALISED TRUST SYSTEMS IDEA
▪ Centeralising trust involves laying off the costs of
interacting with and investigating agents to a central
institution or authority
▪ If the agent bears a certificate, then it could be
trusted
▪ However, this does not obviate the need for trust,
but the trust requirements are reduced

20. TRUST INVESTIGATION SYSTEMS
▪ On P2P network, peers make recommendations to
each other about where suitable files might be found
▪ The agents perform an investigation of the others in
order to determine how likely it is that their
recommendations will be useful
▪ Another example of this sort of approach is provided
by systems that negotiate automatically to extract
trust credentials from other parties

21. TRUST INVESTIGATION SYSTEMS IDEA
▪ Trust is a response to uncertainty
▪ But trust imposes risks
▪ Hence, to avoid some risk, one strategy is to reduce
uncertainty by investigating or evaluating other
agents to determine some salient details of
operation
▪ It is not passive; it actively tries to discover aspects
of the environment that are relevant to reduce
uncertainty

22. TRANSITIVE TRUST SYSTEMS
▪ They use the small world theory , which hypothesises
that any pair of objects in a random network will be
connected by a relatively short chain of random
acquaintances
▪ Social network analysis techniques are used in to
measure trust over a Friend of a Friend (FOAF)
network, extended with trust relations
▪ If A trusts B, and B trusts (and maybe recommends) C,
nothing follows about whether A trusts C

23. TRANSITIVE TRUST SYSTEMS IDEA
▪ The idea of this strategy is that an agent sends a
message out about whether a potential agent is
trustworthy
▪ he network of acquaintances of that agent will then
either send back an opinion based on experience, or
pass the message onto its acquaintances, many of
which will be unknown to the first agent

24. COSTS ESTIMATES FOR FIVE TRUST STRATEGIES

25. Conclusion

26. References :
▪ Kieron O’Hara, Harith Alani, Yannis Kalfoglou, and Nigel Shadbolt . 2010. Trust Strategies for the Semantic Web
▪ Saeedeh Shekarpour , S.D. Katebi . 2010. Modeling and evaluation of trust with an extension in semantic web
▪ Bhavani Thuraisingham, 2005. Security standards for the semantic web
▪ D. Artz, Y. Gil, 2007.A survey of trust in computer science and the Semantic Web
▪ J. Golbeck, B. Parsia, J. Hendler. 2003. Trust Networks on the Semantic Web

27. THANK YOU FOR
LISTENING