Assert4soa cluster meeting

Ontologies in ASSERT4SOAOntologies in ASSERT4SOA

D. Presenza (ENG)D. Presenza (ENG)

July 4, 2011- AmsterdamJuly 4, 2011- Amsterdam

� ASSERT Ontology & Design Questions

� the Community

� the Domain

� the Formalism

� the Structure

� An ASSERT-O Example

� Reasoning support

� Conclusions

2 Ontologies in ASSERT4SOA ( D. Presenza), July 4th 2011

Outline

Ontologies in ASSERT4SOA

� ASSERT4SOA is investigating the use of OWL-DL to deliver

an ontology aimed to:

� describe security properties of software services. (Objective 1)

� support the interoperability and comparison of the different

kinds of certificate managed by the ASSERT4SOA software

framework (Objective 2)

Design Questions

� “An ontology is a formal explicit specification of a shared

conceptualization of a domain.” [Gruber 1993]

� Community (who is going to share it?)

� Domain (what is being conceptualised?)

� Formalism (which formalism for it?)

ASSERT Ontology who: the Community

ASSERT4SOAOntology

Service Providers

Service Counsumers

CertificationAuthorities

EvaluationBodies

ASSERT Ontology what: the Domain

Web Service

ASSERT

Security Property

about certifies

Web Service Model

ASSERT Ontology what: the Domain (SotA)

� Semantic Web Services technologies� OWL-S

� WSMO

� SAWSDL

� …

� Security Ontologies defining Security Objectives (a.k.a . Properties)� Naval Research Laboratory (NRL) Security Ontology [Kim et al. 2005]

� Information Security Ontology [Herzog et al. 2007]

� SecurityOntology [Fenz & Ekelhart 2009]

� …

� Certification & Accreditation Ontologies� DISTCAP Problem Domain Ontology (PDO) [Lee et al. 2006]

� Common Criteria (CC) Ontology [Ekelhart et al. 2007]

� …

ASSERT Ontology how: the Formalism

� OWL 2 is a class of languages (OWL 2 Full, OWL 2 DL) defined by W3C to formalise ontologies.

� OWL 2 DL semantic is an extension of SROIQ description logic.

� Datatypes and punning

� OWL 2 DL, as many Description Logics (DLs), is a decidable fragment of First Order Logic (FOL):

� Class Expression Satisfiability

� Class Expression Subsumption (is a concept a subset of another concept ?)

� Instance Checking (is a particular instance a member of a given concept ?)

� Boolean Conjunctive Query Answering

ASSERT4SOA Ontology: structure

ASSERT4SOA Top Ontology

ASSERT-EOntology

ASSERT-MOntology

ASSERT-OOntology

ASSERT-*Certificate instances

ASSERT-* specific Terms/Concepts e.g. Test Unit, Role, Agent, …

General Terms/Concepts e.g. Event, Document, Actor, Time-Span, …

WP3 Objective 1WP3 Objective 2

ASSERT4SOA Ontology: structure

ASSERT4SOA Top OntologyGeneral Terms/Concepts e.g. Event, Document, Actor, Time-Span, …

Open CYC 2 (OWL-DL)

WSDL CCWS-Policy

A4S FL

Ontology-base Certificate (ASSERT-O): an Example

� Web Service� ClassAssertion( :certificateXYZ : ASSERT_O)

� ObjectPropertyAssertion( :scheme :certificateXYZ : CommonCriteriaCertificate)

� ObjectPropertyAssertion( : about :certificateXYZ :remoteSecureStorage)

� Security Property Assertion� ClassAssertion( :remoteSecureStorage : AuthenticityPreservingSystem)

� Service/System Model� ObjectPropertyAssertion( : hasRole :remoteSecureStorage :R1)

� ObjectPropertyAssertion( : hasRole :remoteSecureStorage :R2)

� ObjectPropertyAssertion( : trusts :R1 :R2)

� ObjectPropertyAssertion( : performs :R1 :A)

� ObjectPropertyAssertion( : performs :R2 :B)

� ObjectPropertyAssertion( : precedes :A :B)

� …

ASSERT-O: an Example

� ObjectPropertyAssertion( :scheme :certificateXYZ : CommonCriteriaCertificate)

� …

Security Property described asOWL-DL Class within the ASSERT-O Ontology

� ObjectPropertyAssertion( :scheme :certificateXY : CommonCriteriaCertificate)

OWL-DL description of Web Service (i.e. remoteSecureStorage)

� ClassAssertion( :certificateXYZ : CommonCriteriaCertificate)

� …

OWL-DL Properties described within ASSERT-O Ontology

ASSERT Ontology: Reasoning

Web Service

ASSERT

Security Property

about certifies

Web Service Model

ASSERT -* Mapping(Class Expression Subsumption)

Property Relations Discovery(Class Expression Subsumption)

Model/Property Consistency (Instance Checking)

ASSERT Ontology: Reasoning

Web Service

ASSERT

Security Property

about certifies

Web Service Model

ASSERT -* Mapping(Class Expression Subsumption)

Property Relations Discovery(Class Expression Subsumption)

Model/Property Consistency (Instance Checking)

Objective 2

Objective 1

ASSERT Ontology: Lifecycle

Security Property

Security Pattern

provides

Web Service Model

pattern

structure

Security Control

ASSERT

about certifies

Web Service

ASSERT Ontology: Contributors

Security Property

Security Pattern

provides

Web Service Model

pattern

structure

Security Control

ASSERT

about certifies

Web Service

Conclusions

� ASSERT4SOA is investigating the use of OWL-DL to deliver

an ontology aimed to:

� describe security properties of software services. (Objective 1)

� support the interoperability and comparison of the different

kinds of certificate managed by the ASSERT4SOA software

framework (Objective 2)

� Certificates, Security Properties and model of Services

represented by means of OWL-DL class/properties

� Use off-the-shelf OWL-DL reasoners to map certificates,

discover relations, check consistency.

End of Presentation

� Thank you!

Backup slide SROIQ & “punning”

� “Punning”� ClassAssertion( : Father :John)

� ClassAssertion( :SocialRole : Father)

� Description languages are distinguished by the

constructs they provide.

SSSS AL: Attributive LanguageC: NegationR+: Transitive roles (predicates)

--“hasAncestor”

RRRR Intersection of Roles (predicates)

OOOO one-of The class MyBirthDayGuests contains only Bill, John, Mary

IIII Inverse roles (predicates) Property “hasChild” is ithe nverse of “hasParent”

QQQQ Qualified number number restriction The class of persons having at least two male childs

Assert4soa cluster meeting

Education

Transcript of Assert4soa cluster meeting

Integrated Deal Construction: Cluster CCNY Sales Meeting

Logistics Cluster Global Meeting NOTE FOR THE RECORD · · 2017-06-16Logistics Cluster Global Meeting ... 3 GLOBAL MEETING ACTION POINTS ... these aims drive targeted enhancements

National Health Cluster Coordination Meeting

Social Media: Cluster CCNY Sales Meeting

2013 National Cluster Meeting Brochure

Health Cluster Meeting - HumanitarianResponse · Health Cluster Meeting 5th August Action Items Person Responsible Health Information. Maternal mortality and stillbirths. Maternal

Banadir Sub-National Food Security Cluster Meeting

Global Health Cluster Newsletter January 2013 · Global Health Cluster Newsletter January 2013 What’s new from the Global Health Cluster? GHC meeting. The GHC held a meeting at

VIKING cluster meeting 1

Posecco cluster meeting

120215 Cluster Meeting

Education Sub-Cluster-Hudaydah Meeting Minutes-Hudaydah Hub … · 2020-04-19 · Education Sub-Cluster-Hudaydah Meeting Minutes-Hudaydah Hub 19 April 2020 Venue: Zoom Meeting (Online)

Vis sense cluster meeting

EYFS Cluster Meeting: Learning and Developing through I.C.T.

SDK Cluster Ontology Working Group Meeting Welcome

Kelly Hunt Cluster Leaders Meeting Presentation.pdf

National Education Cluster meeting - humanitarianresponse.info · National Education Cluster meeting Monday 15th May 2017 aaljibara@unicef.org 0780 921 4815 ... • Participatory,

Shelter Cluster meeting CEBU - HumanitarianResponse Cluster meeting CEBU ... Tesda:"training"curriculum"! ... One"to"one"discussion"on"design"per"interested"agency"!

Cluster meeting fall 2013 final monroe

Cluster Meeting 2