Advertisement

Towards Cross-Domain Security Properties Supported by Ontologies

  • York Sure
  • Jochen Haller
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3307)

Abstract

Security is considered as a major driver for the success of E-Business, especially in a business-to-business environment. Current research activities in this area are conducted in European Union funded research projects, such as TrustCoM putting an emphasis on the collaborative aspects of business processes across administrative and trust domains. With respect to the tendency of business partners to set up their own security islands, e.g. based on isolated Public Key Infrastructures (PKIs), this development introduces a contradiction for collaborative business process. Clearly expressed process related security requirements across domains can not be met by domain specific security infrastructures. This contribution explores the possibility to bridge the identified gap using semantic relationships contributed by ontologies.

Keywords

Business Process Security Property Trust Management Trusted Third Party Virtual Organization 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Herbert, J.: Introducing security to the small business enterprise. In: GIAC (2003)Google Scholar
  2. 2.
    Robinson, P., Haller, J.: Revisiting the firewall abolition act. HICCS-36 (2002) Google Scholar
  3. 3.
    SPKI-WorkingGroup: SPKI/SDSI. IETF RFC 2692 and 2693 (1996), available at, http://theworld.com/cme/html/spki.html#1-SPKI/SDSI
  4. 4.
    Uszok, A., Bradshaw, J., Jeffers, R., Suri, N., Hayes, P., Breedy, M., Bunch, L., Johnson, M., Kulkarni, S., Lott, J.: KAoS policy and domain services: Toward a description-logic approach to policy representation, deconfliction, and enforcement. In: Workshop on Web Services and Agent-based Engineering (2003)Google Scholar
  5. 5.
    Gutman, P.: Everything you never wanted to know about pki but were forced to find out (2001), available at, http://www.cs.auckland.ac.nz/pgut001/pubs/pkitutorial.pdf
  6. 6.
    Turnbull, J.: Cross-certification and pki policy networking. Entrust (2000)Google Scholar
  7. 7.
    Brickley, D., Guha, R.V.: X.509. IETF RFC 2459 (2004), available at, http://www.ietf.org/html.charters/pkix-charter.html
  8. 8.
    Strader, T., Lin, F., Shaw, M.: Information structure for electronic virtual organization management, decision support systems, pp. 75–94 (1998)Google Scholar
  9. 9.
    Gruber, T.: Towards principles for the design of ontologies used for knowledge sharing. International Journal of Human-Computer Studies 43 (1995)Google Scholar
  10. 10.
    Sure, Y., Angele, J., Staab, S.: OntoEdit: Multifaceted inferencing for ontology engineering. Journal on Data Semantics, 128–152 (2003)Google Scholar
  11. 11.
    Pinto, H., Tempich, C., Staab, S., Sure, Y.: DILIGENT: Towards a fine-grained methodology for DIstributed, Loosely-controlled and evolvInG Engingeering of oNTologies. In: Proceedings of the 16th European Conference on Artificial Intelligence (ECAI 2004), Valencia, Spain, August 22nd - 27th (2004)Google Scholar
  12. 12.
    Smith, M.K., Welty, C., McGuinness, D.: OWL Web Ontology Language Guide (2004) W3C Recommendation 10 February (2004), available at, http://www.w3.org/TR/owl-guide/
  13. 13.
    Kifer, M., Lausen, G., Wu, J.: Logical foundations of object-oriented and frame-based languages. Journal of the ACM 42, 741–843 (1995)zbMATHCrossRefMathSciNetGoogle Scholar
  14. 14.
    Decker, S., Erdmann, M., Fensel, D., Studer, R.: Ontobroker: Ontology Based Access to Distributed and Semi-Structured Information, pp. 351–369. Kluwer Academic Publisher, Dordrecht (1999)Google Scholar
  15. 15.
    Biskup, J., Karabulut, Y.: A hybrid pki model with an application for secure mediation. In: 16th Annual IFIP WG11.3 Working Conference on Data and Application Security, pp. 271–282 (2002)Google Scholar
  16. 16.
    Karabulut, Y.: Towards a next-generation trust management infrastructure for open computing systems. In: SPPC:Workshop on Security and Privacy in Pervasive Computing (2004)Google Scholar
  17. 17.
    Ahmedi, L., Marron, P.J., Lausen, G.: Ldap-based ontology for information integration. 9. Fachtagung Datenbank systeme in Buero, Technik und Wissenschaft (2001)Google Scholar
  18. 18.
    Josang, A.: Logic for uncertain probabilities. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems, 279–311 (2001), Available at, http://security.dstc.edu.au/papers/logunprob.pdf
  19. 19.
    McIlraith, S.A., Son, T.C., Zeng, H.: Semantic web services. IEEE Intelligent Systems 16, 46–53 (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • York Sure
    • 1
  • Jochen Haller
    • 2
  1. 1.Institute AIFBUniversity of KarlsruheKarlsruheGermany
  2. 2.SAP ResearchKarlsruheGermany

Personalised recommendations