Alfred Ka Yiu Wong

Ontology mapping for the interoperability problem in network management

Interoperability between different network management domains, heterogeneous devices, and various management systems is one of the main requirements for managing complex enterprise services. While substantial advances have been made in low-level device and data interoperability using common data formats and specifications such as simple network management protocols (SNMPs) SMI and TMFs SID, various interoperability issues including semantic interoperability offer interesting research challenges. While semantic interoperability is a difficult problem in its own right, the semantic web that incorporates intelligent agents necessitates an interoperability solution requiring agents to communicate unambiguously and reason intelligently to perform cooperative management tasks. Agents need a formal representation of knowledge; an ontology is capable of modeling the rich semantics of the managed environment (and especially, relationships between managed entities) so that agents can act on them. This paper presents an ontology-driven approach for solving the semantic interoperability problem in the management of enterprise services, illustrated here with a router configuration management application.

Rules and Ontology in Compliance Management

Compliance management (CM) is the management process that an organization implements to ensure organizational compliance with relevant requirements and expectations. It is a continual, manual and labor intensive process that is proved to be of great challenge for many organizations. CM affects almost every aspect of an organization and is in nature a complex problem due to voluminous knowledge and data involved. In our attempts to automate and simplify compliance, we propose and examine a semantic rule-based approach for modeling compliance knowledge with the use of semantic Web rules (SWRL) and Web ontology language (OWL). We study the use of exception handling approach to create a more robust rule base to deal with data incompleteness in the semantic Web.

Ontology mapping for network management systems

The existence of various network equipment vendors, such as Cisco and Nortel, introduces an additional layer of complexity to the problem of integrating heterogeneous management information models that are applied in different network domains. The problem of using a mixture of different protocols, such as SNMP (simple network management protocol) and CMIP (common management information protocol), has already been attempted and solved by previous research, New interoperability issues can arise within a single domain when network specialists are required to manage network equipments using different sets of terminologies and via different interfaces. The objective of the paper is to address ontological issues that may arise in an integrated network management application. Ontology is applied first to model the semantics of vendor specific terms, and secondly, to aid in automating the mapping between the terms, in order to create a unified application information base such that management of various brands of network equipments can be performed through a single gateway.

Corporate Security Compliance in a Heterogeneous Environment

Organizations often have to audit and assess their information system security as a corporate compliance process based on a range of standards. The growing number of security standards such as CobiT, ISO17799 and BSI raises the potential interoperability problem in a heterogeneous environment. Often different standards are needed to satisfy different regional regulatory and obligatory requirements. In this paper, we present an ontology based approach to deal with the interoperability problem

Towards Robust and Adaptive Semantic-Based Compliance Auditing

Compliance management (CM) is the management process that an organization implements to ensure organizational compliance with relevant requirements and expectations. Compliance auditing (CA) is a child-process of CM where compliance rules and policies are individually checked against the organization to determine the level of compliance achieved by the organization. In this paper, we arrange organizational knowledge and facts within OWL ontologies and model compliance rules as adaptive semantic-based rules for compliance audit automation. We study the issues of uncertainty and inconsistency in compliance and propose an adaptive human-like strategy for mimicking conventional compliance auditing.

TOWARDS AN ONTOLOGY MAPPING APPROACH FOR SECURITY MANAGEMENT

In the past decade, ontology has been actively researched in various domains. The different ontological tasks range from simple language modeling in the linguistic domain, to semantic integration in the semantic web, and recently to application-specific tasks such as financial fraud management. We follow the trend and attempt to tackle some of the ontological problems in security management. The most complicated problem out of all is the semantic interoperability problem that is evident in the existence of various types of security elements such as IDS, firewall and virus scanner. Another problem is related to the semantic modeling tasks required for autonomous and intelligent reasoning. Semantic modeling of security events is essential for automatic and intelligent event correlation tasks that analyze semantically the different sources of security information to more accurately present the holistic network security status. We present in this paper a novel and formal ontology mapping approach and security ontology for the supporting and possibly resolution of these problems.