Designing Reliable Web Security Systems Using Rule-Based Systems Approach

  • Grzegorz J. Nalepa
  • Antoni Ligeza
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2663)


This paper shows that rule-based web security systems, such as firewalls, can be largely improved by using formal design and verification techniques. The principal idea consists of an integrated design and verification methodology, supported by an integrated graphical environment for rule-based systems development. System structure is described in a XML-based meta-level knowledge representation language. System domain knowledge and semantics is represented in RDF and Ontologies-based description. Formal properties of the system can be verified on-line by an integrated Prolog-based inference engine.


Security Policy Intrusion Detection System Decision Table Principal Idea Graphical Environment 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Andert, E.P.: Integrated knowledge-based system design and validation for solving problems in uncertain environments. Int. J. of Man-Machine Studies, 36, 1992, 357–373.CrossRefGoogle Scholar
  2. 2.
    Coenen, F.: Validation and verification of knowledge based systems: Report on EUROVAV’99. Knowledge Engineering Review, 15:2, 2000, 187–196.CrossRefGoogle Scholar
  3. 3.
    Ligeza, A.: Logical support for design of rule-based systems. Reliability and quality issues, ECAI-96 Workshop on Validation, Verification and Refinement of Knowledge-based Systems, ECAI’96, 1996, Budapest, 28–34.Google Scholar
  4. 4.
    Ligeza, A.: Intelligent data and knowledge analysis and verification; towards a taxonomy of specific problems. In [5], 1999, 313–325.Google Scholar
  5. 5.
    Vermesan, A. and F. Coenen (Eds.): Validation and Verification of Knowledge Based Systems — Theory, Tools and Practice. Kluwer Academic Publishers, Boston, 1999.Google Scholar
  6. 6.
    de Hoog, R.: Methodologies for Building Knowledge-Based Systems: Achievements and Prospectus. A Chapter in [7].Google Scholar
  7. 7.
    Liebowitz, J.: The Handbook of Applied Expert Systems. CRC Press, Boca Raton, 1998.zbMATHGoogle Scholar
  8. 8.
    Ligeza, A.: Toward logical analysis of tabular rule-based systems. International Journal of Intelligent Systems, Vol. 16, 333–360, 2001.zbMATHCrossRefGoogle Scholar
  9. 9.
    Ligeza A, Wojnicki I., Nalepa G.J., Tab-Trees: a CASE tool for the design of extended tabular systems Database and expert systems applications: 12th International Conference, DEXA 2001: Munich, September 3–5, 2001,: proceedings / eds. Heinrich C. Mayr [et al.]. — Berlin: Springer, 2001. — (Lecture Notes in Computer Science; 2113).Google Scholar
  10. 10.
    Nalepa G.J., Ligeza A, Graphical CASE tools for integrated design and verification of rule-based systems, Symposium on Methods of Artificial Intelligence: proceedings/ eds. Burczynski T. [et al.], Silesian University of Technology, Polish Association for Computational Mechanics, Gliwice, 2001.Google Scholar
  11. 11.
    Wielinga B. J., Schreiber A. Th. Breuker J. A.: KADS: A modeling approach to knowledge engineering. Readings in Knowledge Acquisition and Learning, Morgan Kaufmann 1992, Los Altos, CA.Google Scholar
  12. 12.
    Lee K. J., Boley H., Tabet S.: Issues in Semantic Web-based E-Commerce and Rule Markup Languages, ICEC 2001, Workshop on Semantic Web-based E-Commerce and Rules Markup Languages, November 2nd, 2001, Vienna, Austria.Google Scholar
  13. 13.
    Roesch M., Green C.,: Snort Users Manual Snort Release: 1.9.1, — The Open Source Network Intrusion Detection System, 2002.
  14. 14.
    Ott A., Fischer-Hubner S.: The Rule Set Based Access Control (RSBAC) Framework for Linux, Karlstad University Studies, 2001, (
  15. 15.
    Siminski R.: Knowledge-base verification based on the decision unit concept, Proceedings of Knowledge Engineering and Expert Systems, Z. Bubnicki and A. Grzech (Eds.), Wroclaw, 2000, Vol. II, 73–80 (in Polish).Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Grzegorz J. Nalepa
    • 1
  • Antoni Ligeza
    • 1
  1. 1.Institute of AutomaticsUniversity of Mining and MetallurgyKrakówPoland

Personalised recommendations