Aditya Bagchi

Design of a Data Model for Social Network Applications

A social network defines the structure of a social community like an organization or institution, covering its members and their inter-relationships. Social relationships among the members of a community can be of different types like friendship, kinship, professional, academic, and so forth. Traditionally, a social network is represented by a directed graph. Analysis of graph structure representing a social network is done by the sociologists to study a community. Hardly any effort has been made to design a data model to store and retrieve social-network-related data. In this paper, an object-relational graph data model has been proposed for modeling a social network. The objective is to illustrate the power of this generic model to represent the common structural and node-based properties of different social network applications. A novel, multi-paradigm architecture has been proposed to efficiently manage the system. New structural operators have been defined in the paper and the application of these operators has been illustrated through query examples. The completeness and the minimality of the operators have also been shown.

Complex Queries on Web Graph representing a Social Network

A social network represents a social community as a directed graph. Formation of Web-communities and referral systems has exploited Web as a source of social network. Efforts have been made to represent Web as a social network and then to analyze the corresponding digraph. Authors of this paper have earlier proposed a data model for Web- based social network. Present paper describes index structures relevant to such data model. Query examples have been provided to show the efficacy of the proposed query operators.

A formal methodology for detection of vulnerabilities in an enterprise information system

From information security point of view, an enterprise is considered as a collection of assets and their interrelations. These interrelations may be built into the enterprise information infrastructure, as in the case of connection of hardware elements in network architecture, or installation of software or information assets in hardware. As a result, access to one element may enable access to another if they are connected. An enterprise may specify conditions on the access of certain assets in certain mode (read, write etc.) as policies. The interconnection of assets, along with specified policies, may lead to managerial vulnerabilities in the enterprise information system. These vulnerabilities, if exploited by threats, may cause disruption to the normal functioning of information systems. This paper presents a formal method for detection of managerial vulnerabilities of enterprise information systems in linear time.

Association against dissociation: some pragmatic considerations for frequent itemset generation under fixed and variable thresholds

Traditionally, support is considered to be the standard measure for frequent itemset generation in Association Rule mining. This paper provides a new measure called togetherness where dissociation among items is also considered as a parameter in the frequent itemset generation process. Results of performance analysis show that association against dissociation is a more pragmatic approach and discovers truly associated candidate itemsets. Second part of the paper extends this togetherness measure to the domain of variable threshold. Here, like variable minimum support, a variable minimum togetherness has been proposed where this minimum value decreases as the itemset size increases. A simple and pragmatic process has been described, which can be easily implemented. It also provides ample control facilities in the hand of the users. Necessary change and extension of the existing algorithms have been made to establish the concepts. Here as well, results of performance analysis justify the approach.

A Formal Methodology for Detecting Managerial Vulnerabilities and Threats in an Enterprise Information System

From information security point of view, an enterprise is considered as a collection of assets and their interrelationships. These interrelationships may be built into the enterprise information infrastructure, as in the case of connection of hardware elements in network architecture, or in the installation of software or in the information assets. As a result, access to one element may enable access to another if they are connected. An enterprise may specify conditions on the access of certain assets in certain mode (read, write etc.) as policies. The interconnection of assets, along with specified policies, may lead to managerial vulnerabilities in the enterprise information system. These vulnerabilities, if exploited by threats, may cause disruption to the normal functioning of information systems. This paper presents a formal methodology for detection of managerial vulnerabilities of, and threats to, enterprise information systems in linear time.

Controlled Access over Documents for Concepts Having Multiple Parents in a Digital Library Ontology

This paper proposes a solution to a problem present in Digital Library ontology for accessing concepts having multiple parents. Instead of considering the underlying structure as a tree, authors consider a DAG structure for concept nodes having multiple parents. A hashing mechanism has been developed to avoid change in document annotations against change in ontological structure. The paper highlights the problem and describes the methodologies avoiding the algorithmic details for paucity of space.

A Methodology for Conversion of Enterprise-Level Information Security Policies to Implementation-Level Policies/Rule

An enterprise is considered as a collection of assets and their interrelationships. To ensure security, enterprise-level information security policies are specified. An information security procedure details the steps needed to implement a security policy. Implementation of security procedures needs a set of low-level (implementation-level) policies defining authorizations of subjects over objects. For a large enterprise, manual specification of low-level policies may lead to errors and conflicts. This study presents a methodology for the conversion of security procedures to low-level policies, the methodology also validates policies based on information security requirements of enterprises.

A graph-based formalism for controlling access to a digital library ontology

This paper presents a graph-based formalism for an Ontology Based Access Control (OBAC) system applied to Digital Library (DL) ontology. It uses graph transformations, a graphical specification technique based on a generalization of classical string grammars to nonlinear structures. The proposed formalism provides an executable specification that exploits existing tools of graph grammar to verify the properties of a graph-based access control mechanism applicable to a digital library ontology description. It also provides a uniform specification for controlling access not only at the concept level but also at the level of the documents covered by the concepts including node obfuscation, if required.

Resolving authorization conflicts by ontology views for controlled access to a digital library

– This paper provides a new Digital Library architecture that supports polyhierarchic ontology structure where a child concept representing an interdisciplinary subject area can have multiple parent concepts. The paper further proposes an access control mechanism for controlled access to different concepts by different users depending on the authorizations available to each such user. The proposed model thus provides a better knowledge representation and faster searching possibility of documents for modern Digital Libraries with controlled access to the system. , – Since the proposed Digital Library Architecture considers polyhierarchy, the underlying hierarchical structure becomes a Directed Acyclic Graph instead of a tree. A new access control model has been developed for such a polyhierarchic ontology structure. It has been shown that such model may give rise to undecidability problem. A client specific view generation mechanism has been developed to solve the problem. , – The paper has three major contributions. First, it provides better knowledge representation for present-day digital libraries, as new interdisciplinary subject areas are getting introduced. Concepts representing interdisciplinary subject areas will have multiple parents, and consequently, the library ontology introduces a new set of nodes representing document classes. This concept also provides faster search mechanism. Secondly, a new access control model has been introduced for the ontology structure where a user gets authorizations to access a concept node only if its credential supports it. Lastly, a client-based view generation algorithm has been developed so that a client’s access remains limited to its view and avoids any possibility of undecidability in authorization specification. , – The proposed model, in its present form, supports only read and browse facilities. It would later be extended for addition and update of documents. Moreover, the paper explains the model in a single user environment. It will be augmented later to consider simultaneous access from multiple users. , – The paper emphasizes the need for changing the present digital library ontology to a polyhierarchic structure to provide proper representation of knowledge related to the concepts covering interdisciplinary subject areas. Possible implementation strategies have also been mentioned. This design method can also be extended for other semantic web applications. , – This paper offers a new knowledge management strategy to cover the gradual proliferation of interdisciplinary subject areas along with a suitable access control model for a digital library ontology. This methodology can also be extended for other semantic web applications.

Resolving conflicts between role-hierarchy and concept-hierarchy in a Digital Library ontology

Permitting a child concept to have multiple parent concepts in a Digital Library ontology, this paper ventures to propose solutions to conflicts between role hierarchy of the users and concept hierarchy of the ontology.