
Security Ontology to Facilitate Web Service Description and Discovery

  • Conference paper
Journal on Data Semantics IX

Part of the book series: Lecture Notes in Computer Science (JODS, volume 4601)

Abstract

Annotation with security-related metadata enables discovery of resources that meet security requirements. This paper presents the NRL Security Ontology, which complements existing ontologies in other domains that focus on annotation of functional aspects of resources. Types of security information that could be described include mechanisms, protocols, objectives, algorithms, and credentials in various levels of detail and specificity. The NRL Security Ontology is more comprehensive and better organized than existing security ontologies. It is capable of representing more types of security statements and can be applied to any electronic resource. The class hierarchy of the ontology makes it both easy to use and intuitive to extend. We applied this ontology to a Service Oriented Architecture to annotate security aspects of Web service descriptions and queries. A refined matching algorithm was developed to perform requirement-capability matchmaking that takes into account not only the ontology concepts, but also the properties of the concepts.



Editor information

Stefano Spaccapietra Paolo Atzeni François Fages Mohand-Saïd Hacid Michael Kifer John Mylopoulos Barbara Pernici Pavel Shvaiko Juan Trujillo Ilya Zaihrayeu

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, A., Luo, J., Kang, M. (2007). Security Ontology to Facilitate Web Service Description and Discovery. In: Spaccapietra, S., et al. Journal on Data Semantics IX. Lecture Notes in Computer Science, vol 4601. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74987-5_6

  • DOI: https://doi.org/10.1007/978-3-540-74987-5_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74982-0

  • Online ISBN: 978-3-540-74987-5

  • eBook Packages: Computer Science, Computer Science (R0)
