Security and trust in semantic web
-
Upload
mostafa-arjmand -
Category
Internet
-
view
280 -
download
2
Transcript of Security and trust in semantic web
![Page 1: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/1.jpg)
SECURITY IN
SEMANTIC WEB
![Page 2: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/2.jpg)
THE PRESENTATION INCLUDE THE FOLLOWING :
▪ Introduction
▪ Security standards for the semantic web
▪ Categorization of models of trust
▪ Trust strategies for the Semantic Web
▪ Conclusion
![Page 3: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/3.jpg)
SECURITY STANDARDS FOR THE SEMANTIC WEB
![Page 4: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/4.jpg)
LAYERS FOR THE SECURE SEMANTIC WEB
Layer 1
Layer 2
Layer 3
Layer 4
Layer 5
Logic,Proof,Trust
Secure Ontologies, Secure Semantic Interoperability
RDF Security
XML Security, Secure XML Schemas
Secure TCP/IP, Secure Sockets, Secure HTML , Secure Agents
![Page 5: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/5.jpg)
SECURITY STANDARDS FOR THE SEMANTIC WEB
XML security
RDF security
Secure information interoperability
Trust for the semantic web
![Page 6: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/6.jpg)
CATEGORIZATION OF MODELS OF TRUST
![Page 7: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/7.jpg)
CATEGORIZATION OF MODELS OF TRUST
▪ Centralized modelA centralized node acts as a system manager.▪ Distributed modelNodes are responsible for obtaining mutual trust based on their direct interactions.Distributed models can be divided into: ▪ Global model
▪ Local model
![Page 8: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/8.jpg)
CENTRALIZED MODEL
▪ Manager acquires knowledge such as the ratings of reputation and the precedents of nodes
▪ The manager is responsible for collecting information from both sides involved in interactions
▪ An agent (a node) only communicates with the centralized node to collect information about other node’s reputations
▪ Each node asks the manager to receive trust rating
![Page 9: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/9.jpg)
DISTRIBUTED MODEL
▪ In this model there is no centralized system to govern the reputation The manager is responsible for collecting information from both sides involved in interactions
▪ If node A wants to know node B’s reputation, it has to ask other nodes to evaluate B
▪ Getting trust information about trustee from network
![Page 10: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/10.jpg)
GLOBAL MODEL
▪ This model is based on the degree of popularity of a node in the society
▪ Neighbors of the trustees know them due to their relationships in the past
▪ A node may have had interactions with its neighbors in the past and neighbors have profiles of their precedents
▪ Voting (aggregating the opinions of neighbors or users)is an example of evaluating trust ratings
▪ www.eBay.com and www.Amazon.com auctions have a special trust mechanism ▪ Both of these are implemented as a centralized rating system that manages reputation of each user
▪ But on the other hand the calculation of reputation is based on a global method which depends on the user’s rating
![Page 11: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/11.jpg)
LOCAL MODEL
▪ In this model trust is personal and beliefs vary between two people, personalization should improve the accuracy of the results
▪ Most research reports on trust mechanisms in the semantic web discuss those algorithms that calculate trust from the personal view
▪ The main idea here is that everybody trusts his/her friend’s belief more than a stranger’s belief
▪ According to small world hypothesis, any pair of nodes in a random network will be connected by a relatively short chain of random acquaintances
![Page 12: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/12.jpg)
TRUST STRATEGIES FOR THE SEMANTIC WEB
![Page 13: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/13.jpg)
TRUST STRATEGIES FOR THE SEMANTIC WEB
Optimistic Systems
Pessimistic Systems
Centralised Trust Systems
Trust Investigation Systems
Transitive Trust Systems
![Page 14: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/14.jpg)
OPTIMISTIC SYSTEMS
▪ Optimistic systems accept others unless there is reason not to trust
▪ If the benefits of cooperation are relatively large or the costs of betrayal are relatively small, risk is low, and the gains from trust massively outweigh the gains from distrust
![Page 15: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/15.jpg)
OPTIMISTIC SYSTEMS IDEA
▪ Optimism is a very simple strategy
▪ Basically it is the idea that an agent will trust another agent even if its performance is uncertain, unless there are positive reasons for not trusting it
▪ The basic idea is that trust is the default attitude
![Page 16: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/16.jpg)
PESSIMISTIC SYSTEMS
▪ Given a quantity of such information, agents can be ranked in terms of their reliability
▪ Such systems in effect take a high rank as evidence of reason for trust; hence in such a system many trustworthy agents may fail to be trusted
![Page 17: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/17.jpg)
PESSIMISTIC SYSTEMS IDEA
▪ Pessimistic strategies restrict interactions with agents unless there is a reason to trust them
▪ Note that the pessimism corresponds to trust via personal acquaintance in the offline world, which is the basic model of trust
▪ Such a model of trust is not often capable of supporting and underlying very complex societies
![Page 18: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/18.jpg)
CENTRALISED TRUST SYSTEMS
▪ It provides them with a formalism for expressing agreement/disagreement, and the argumentative stance of the source
▪ This is then used to measure a context-sensitive evaluation of the source
▪ Relying on centralised institutions to measure trust takes the burden off the interactive agents when deciding which agents to trust
▪ One observation made in with respect to eBay is that users feedback is almost always positive. The authors note that most people do not like giving negative feedback, unless revenge is a motivation
![Page 19: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/19.jpg)
CENTRALISED TRUST SYSTEMS IDEA
▪ Centeralising trust involves laying off the costs of interacting with and investigating agents to a central institution or authority
▪ If the agent bears a certificate, then it could be trusted
▪ However, this does not obviate the need for trust, but the trust requirements are reduced
![Page 20: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/20.jpg)
TRUST INVESTIGATION SYSTEMS
▪ On P2P network, peers make recommendations to each other about where suitable files might be found
▪ The agents perform an investigation of the others in order to determine how likely it is that their recommendations will be useful
▪ Another example of this sort of approach is provided by systems that negotiate automatically to extract trust credentials from other parties
![Page 21: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/21.jpg)
TRUST INVESTIGATION SYSTEMS IDEA
▪ Trust is a response to uncertainty
▪ But trust imposes risks
▪ Hence, to avoid some risk, one strategy is to reduce uncertainty by investigating or evaluating other agents to determine some salient details of operation
▪ It is not passive; it actively tries to discover aspects of the environment that are relevant to reduce uncertainty
![Page 22: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/22.jpg)
TRANSITIVE TRUST SYSTEMS
▪ They use the small world theory , which hypothesises that any pair of objects in a random network will be connected by a relatively short chain of random acquaintances
▪ Social network analysis techniques are used in to measure trust over a Friend of a Friend (FOAF) network, extended with trust relations
▪ If A trusts B, and B trusts (and maybe recommends) C, nothing follows about whether A trusts C
![Page 23: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/23.jpg)
TRANSITIVE TRUST SYSTEMS IDEA
▪ The idea of this strategy is that an agent sends a message out about whether a potential agent is trustworthy
▪ he network of acquaintances of that agent will then either send back an opinion based on experience, or pass the message onto its acquaintances, many of which will be unknown to the first agent
![Page 24: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/24.jpg)
COSTS ESTIMATES FOR FIVE TRUST STRATEGIES
![Page 25: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/25.jpg)
Conclusion
![Page 26: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/26.jpg)
References :
▪ Kieron O’Hara, Harith Alani, Yannis Kalfoglou, and Nigel Shadbolt . 2010. Trust Strategies for the Semantic Web
▪ Saeedeh Shekarpour , S.D. Katebi . 2010. Modeling and evaluation of trust with an extension in semantic web
▪ Bhavani Thuraisingham, 2005. Security standards for the semantic web
▪ D. Artz, Y. Gil, 2007.A survey of trust in computer science and the Semantic Web
▪ J. Golbeck, B. Parsia, J. Hendler. 2003. Trust Networks on the Semantic Web
![Page 27: Security and trust in semantic web](https://reader035.fdocuments.in/reader035/viewer/2022070522/58ee83bd1a28abcd758b4649/html5/thumbnails/27.jpg)
THANK YOU FOR LISTENING