1 / 27

Trustworthy Semantic Webs

This lecture discusses the transition from the current web to the semantic web, including applications, technologies, and the layered approach. It also explores the role of web services, knowledge management, e-commerce, and personal agents. The lecture covers semantic web technologies such as explicit metadata, ontologies, and logic.

joanbjohnson
Télécharger la présentation

Trustworthy Semantic Webs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Trustworthy Semantic Webs Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #3 Semantic Web, Web Services and Security

  2. Outline • Today’s Web • From web to semantic web • Applications and Technologies • Layered Approach • Web Services Introduction

  3. Today’s Web • High recall, low precision: Too many web pages resulting in searches, many not relevant • Sometimes low recall • Results sensitive to vocabulary: Different words even if they mean the same thing do not results in same web pages • Results are single web pages not linked web pages

  4. From Today’s Web to the Semantic Web • Machine understandable web pages • Activities on the web such as searching with little or no human intervention • Technologies for knowledge management, e-commerce, interoperability] • Solutions to the problems faced by today’s web • Retrieving appropriate web pages, sensitive to vocabulary etc. • Semantic web applications including

  5. Layered Approach: Tim Berners Lee’s Visionwww.w3c.org

  6. Applications: Web Services • Web Services refers to the technologies that allow for making connections. • Services are what you connect together using Web Services. • A service is the endpoint of a connection. • Also, a service has some type of underlying computer system that supports the connection offered. • The combination of services - internal and external to an organization - make up a service-oriented architecture. 

  7. Knowledge Management • Corporation Need • Searching, extracting and maintaining information, uncovering hidden dependencies, viewing information • Semantic web for knowledge management • Organizing knowledge, automated tools for maintaining knowledge, question answering, querying multiple documents, controlling access to documents

  8. Business to Consumer E-Commerce • Users shopping on the web; wrapper technology is used to extract information about user preferences etc. and display the products to the user • Use of semantic web: Develop software agents that can interpret privacy requirements, pricing and product information and display timely and correct information to the use; also provides information about the reputation of shops • Future: negotiation among the behalf of the user

  9. Business to Business E-Commerce • Organizations work together and carrying out transactions such as collaborating on a product, supply chains etc. With today’s web lack of standards for data exchange • Use of semantic web: XML is a big improvement, but need to agree on vocabulary. Future will be the use of ontologies to agree on meanings and interpretations

  10. Personal Agents • Agents are essentially processes that have evolved from object-oriented programming; agent is an active objects • Agents will use metadata to find resources on the web; ontologies will be used to interpret statements; logic will be used for drawing conclusions • Agents will not completely replace humans; but will make the tasks of the humans much easier. • Example: John is a president of a company. He needs to have a surgery for a serious but not a critical illness. With current web he has to check each web page for relevant information, make decisions depending on the information provided • With the semantic web, the agent will retrieve all the relevant information, synthesize the information, ask John if needed, and then present the various options to John and also makes recommendations

  11. Semantic Web Technologies • Explicit metadata • XML, RDF, etc. • Ontologies (e.g, OWL) • Logic/Rules (e.g., RuleML, SWRL)

  12. Explicit metadata • Metadata is data about data • Need metadata to be explicitly specified so that different groups and organizations will know what is on the web • Using metadata, one can then carry out various activities such as searching, integration and executing actions • Metadata specification languages include XML and RDF

  13. Ontologies • Explicit and formal specification of conceptualization describes a domain of discourse • Consists of concepts and prelateships between them • Web searches can exploit ontologies to facilitate the search process • Ontology languages include XML, RDF, OWL

  14. Ontology Engineering? • Tools and Techniques to • Create Ontologies • Specify Ontologies • Maintain Ontologies • Query Ontologies • Evolve Ontologies • Reuse Ontologies • Incorporate features such as security, data quality, integrity

  15. Logic • Logic can be used to specify facts as well as rules • New facts and derived from existing facts based on the inference rules • Descriptive Logic is the type of logic that has been developed for semantic web applications • Example Logic-based languages: SWRL, RuleML • Semantic web vs. Artificial Intelligence • Goal of Artificial Intelligence is to build an intelligent agent exhibiting human-level intelligence • Goal of the semantic web is to enable machine understandable web pages

  16. Overview of Web Services • Service Oriented Architectures • Web Services Description Language • UDDI • SOAP • WSDL with XML • Security • OASIS • Federated identity

  17. Service Oriented Architectures (SOA) • A service-oriented architecture is essentially a collection of services. ; These services communicate with each other. • A service is a function that is well-defined, self-contained, and does not depend on the context or state of other services • The communication can involve either simple data passing or it could involve two or more services coordinating some activity. Some means of connecting services to each other is needed. • The technology of web services is the most likely connection technology of service-oriented architectures. Web services essentially use XML Technology create a robust connection. • A service consumer sends a service request message to a service provider ; The service provider returns a response message to the service consumer. • The request and subsequent response connections are defined in some way that is understandable to both the service consumer and service provider. • A service provider can also be a service consumer. 

  18. Query UDDI Service requestor BusinessService Web Services BusinessEntity <dsig:Signature> tModel BusinessService PublisherAssertion BindingTemplate Service provider

  19. Web Services Description Language • The Web Services Description Language (WSDL) forms the basis for Web Services. The steps involved in providing and consuming a service are: • A service provider describes its service using WSDL. This definition is published to a directory of services. The directory could use Universal Description, Discovery, and Integration (UDDI). Other forms of directories can also be used. • A service consumer issues one or more queries to the directory to locate a service and determine how to communicate with that service.  • Part of the WSDL provided by the service provider is passed to the service consumer. This tells the service consumer what the requests and responses are for the service provider. • The service consumer uses the WSDL to send a request to the service provider. • The service provider provides the expected response to the service consumer.

  20. UDDI • The UDDI registry is intended to eventually serve as a means of "discovering" Web Services described using WSDL . • The idea is that the UDDI registry can be searched in various ways to obtain contact information and the Web Services available for various organizations. • UDDI registry is a way to keep up-to-date on the Web Services your organization currently uses • Alternative to UDDI is ebXML Directory

  21. SOAP • All the messages are sent using SOAP. (SOAP at one time stood for Simple Object Access Protocol; Now, the letters in the acronym have no particular meaning .) • SOAP essentially provides the envelope for sending the Web Services messages. • SOAP generally uses HTTP , but other means of connection may be used. • HTTP is the familiar connection we all use for the Internet. • It is the pervasiveness of HTTP connections that will help drive the adoption of Web Services.

  22. WDSL with XML • WSDL uses XML to define messages. • XML has a tagged message format. • Both the service provider and service consumer use these tags. • In fact, the service provider could send the data in any order. • The service consumer uses the tags and not the order of the data to get the data values.

  23. Security • Security and authorization specifications include: • eXtensible Access Control Markup Language (XACML) • eXtensible Rights Markup Language (XrML) • Security Assertion Markup Language (SAML) • Service Protection Markup Language (SPML) • Web Services Security (WSS) • XML Common Biometric Format (XCBF) • XML Key Management Specification (XKMS)

  24. Security • Firewalls • Specialized XML firewalls offer the promise of protecting internal systems when using Web Services. • Traditional firewalls offer protection at the packet level and do not examine the contents of messages. • XML firewalls, on the other hand, examine the contents of messages. This includes the SOAP headers and the XML content. • They are designed to permit authorized content to pass through the firewall.

  25. Security: Examples XACML, SAML, WSS • XACML (OASIS Spec) • eXtensible Access Control Markup Language (XACML) provides fine grained control of authorized activities, the effect of characteristics of the access requestor, the protocol over which the request is made, authorization based on classes of activities, and content introspection. • SAML (OASIS Spec) • It is an XML framework for exchanging authentication and authorization information. It is used with WSS • WSS (OASIS Spec) • It describes enhancements to SOAP messaging in order to provide quality of protection through message integrity, and single message authentication. These mechanisms can be used to accommodate a wide variety of security models and encryption technologies.

  26. OASIS • Organization for the Advancement of Structured Information Standards (OASIS) • OASIS is a not-for-profit, global consortium that drives the development, convergence, and adoption of e-business standards. • Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. • OASIS produces worldwide standards for security, Web Services, XML conformance, business transactions, electronic publishing, topic maps, and interoperability within and between marketplaces. OASIS also hosts XML.org, which provides information about the application of XML, and The Cover Pages which is a reference collection supporting the SGML/XML family of markup language standards and their application.

  27. Federated Identity • Federated identity allows users to link identity information between accounts without centrally storing personal information. • Also, users can control when and how their accounts and attributes are linked and shared between domains and Service Providers, allowing for greater control over their personal data. • In practice, this means that users can be authenticated by one company or Web site and be recognized and delivered personalized content and services in other locations without having to re-authenticate or sign on with a separate username and password.  • Standards include Identity Web Services Framework (I-WSF)

More Related