Harry S. Delugach

Conceptual Structures at Work

In Peirce’s account of the normative sciences, logical validity and truth ultimately rely upon – though they are not reduced to – ethical and esthetic insight. An examination of the relations among critical esthetics, ethics and logic in Peirce’s system suggests a possible account of the logic of creative discovery, which Peirce identified as abductive inference.

Specifying multiple-viewed software requirements with conceptual graphs

Abstract Among the phases of software development, requirements are particularly difficult to specify and analyze, since requirements for any large software system originate with many different people. Each persons view of the software requirements may be expressed in a different notation based on that persons knowledge, experience, and vocabulary. To perform a knowledge-based analysis of the requirements in combination, a single knowledge representation must be capable of capturing the information expressible in several existing requirements notations. This article introduces notation of conceptual graphs based on semantic networks that provides a general representation. Four common requirements notations are shown to be expressible using conceptual graphs; algorithms and examples are provided.

Wizard: a database inference analysis and detection system

The database inference problem is a well-known problem in database security and information system security in general. In order to prevent an adversary from inferring classified information from combinations of unclassified information, a database inference analyst must be able to detect and prevent possible inferences. Detecting database inference problems at database design time provides great power in reducing problems over the lifetime of a database. We have developed and constructed a system called Wizard to analyze databases for their inference problems. The system takes as input a database schema, its constituent instances (if available) and additional human-supplied domain information, and provides a set of associations between entities and/or activities that can be grouped by their potential severity of inference vulnerability. A knowledge acquisition process called microanalysis permits semantic knowledge of a database to be incorporated into the analysis using conceptual graphs. These graphs are then analyzed with respect to inference-relevant domains we call facets using tools we have developed. We can determine inference problems within single facets as well as some inference problems between two or more facets. The architecture of the system is meant to be general so that further refinements of inference information subdomains can be easily incorporated into the system.

Refereed paper: Protecting databases from inference attacks

This paper presents a model of database inference and a taxonomy of inference detection approaches. The Merlin inference detection system is presented as an example of an automated inference analysis tool that can assess inference vulnerabilities using the schema of a relational database. A manual inference penetration approach is then offered as a means of detecting inferences that involve instances of data or characteristics of groups of instances. These two approaches are offered as practical approaches that can be applied today to address the database inference problem. The final section discusses future directions in database inference research.

A Fast Algorithm for Detecting Second Paths in Database Inference Analysis

This paper presents an approach for detecting potential second-path inference problems in a way that is significantly faster than previous approaches. The algorithm uses a relational database schema and functional dependencies to detect the potential for second-path inferences. The second-path inference problem involves the ability to infer higher classified data from lower classified data within a relational database system using joins. In previous research, this type of inference vulnerability was detected by actually finding a path. The approach presented in this paper does not find the path, but detects the existence of a path by adapting a well known algorithm used in database design to test a relational decomposition for the lossless join property. The original lossless join algorithm has been extended to include subtypes. The paper compares the performance of the new algorithm with that of a conventional path-finding algorithm and shows that the new algorithm is 10 to 14 times faster than the path-finding approach using schemas that range from 33 to 48 relations. The final contribution of the paper is the presentation of an algorithm for automatically classifying the discovered paths into various groups, based on their potential for indicating a significant potential security vulnerability.

An approach to conceptual feedback in multiple viewed software requirements modeling

Software requirements analysis and specification is concerned with the exploratory phases of software development: namely, defining a problem and its domain, followed by the process of identifying what features and constraints must be embodied in any software that is expected to solve the problem. A multiple viewed requirements technique deals with requirements analysis based on having available diverse multiple descriptions of software requirements. Multiple views originate from the various people, perspectives and purposes involved in a system. Because these multiple descriptions are often expressed in differing notation schemes based on differing underlying paradigms and methodologies, the problem of consistency and completeness is a significant impediment to obtaining a reliable set of requirements. Although each view by itself may be demonstrated to be internally consistent and coherent, one view is not usually formally integrated with another. This paper outlines part of an approach to these multiple-viewed requirements that provides some structure for integrating and validating multiple views.

A framework for inference-directed data mining

This paper presents a second-path inference-detection approach based on association cardinalities.*It is applicable to the detection of second paths that do not involve functional dependencies or foreign keys. It provides for an analysis sieve that begins with the analysis of an object model of the database. The goal of the analysis is to detect cases in the database in which a small number of values in the target entity can be associated with a single value in the anchor entity. The number of values is called the association cardinality from anchor to target. Inference vulnerabilities occur for cases of small association cardinalities. The analysis sieve processes the data model of the database to detect cases of small association cardinality. For cases with high cardinality associations, the sieve mines the database to detect cases of small instance-level association cardinalities.

Towards Building Active Knowledge Systems with Conceptual Graphs

This paper outlines a vision for using conceptual graphs to build active knowledge systems that have the capability to solve practical and complex problems. A key ingredient in an active knowledge system is its ability to interact (not just interface) with the real world. Basic features of such systems go beyond logic to include support for data mining, intelligent agents, temporal actors, active sensors, a system for knowledge interchange and finally, support for knowledge-in-the-large.

Animating Conceptual Graphs

This paper addresses operational aspects of conceptual graph systems. This paper is an attempt to formalize operations within a conceptual graph system by using conceptual graphs themselves to describe the mechanism. We outline a unifying approach that can integrate the notions of a fact base, type definitions, actor definitions, messages, and the assertion and retraction of graphs. Our approach formalizes the notion of type expansion and actor definitions, and in the process also formalizes the notion for any sort of formal assertion in a conceptual graph system. We introduce definitions as concept types called assertional types which are animated through a concept type called an assertional event. We illustrate the assertion of a type definition, a nested definition and an actor definition, using one extended example. We believe this mechanism has immediate and far-reaching value in offering a self-contained, yet animate conceptual graph system architecture.

A Conceptual Graph Approach to Feature Modeling

A software product-line is a set of products built from a core set of software components. Although software engineers develop software product-lines for various application types, they are most commonly used for embedded systems development, where the variability of hardware features requires variability in the supporting firmware. Feature models are used to represent the variability in these software product-lines. Various feature modeling approaches have been proposed, including feature diagrams, domain specific languages, constraint languages, and the semantic web language OWL. This paper explores a conceptual graph approach to feature modeling in an effort to produce feature models that have a more natural, and more easily expressed mapping to the problem domain. It demonstrates the approach using a standard Graph Product-line problem that has been discussed in various software product-line papers. A conceptual graph feature model is developed for the graph product-line and it is compared to other feature models for this product-line.