Juan Jim Tan

Dynamic security reconfiguration for the semantic web

There is a plethora of security standards for protecting network services, specified by numerous standards consortia. These standards support different security requirements and use various syntaxes to represent the security information for different software infrastructures and applications. Open systems often require a more sophisticated security analysis and configuration to safeguard distributed services. A security framework constituting both semantic and meta-reasoning models is investigated in order to reason about the security requirements and security operation of interacting entities within open service environments. Security requirements are defined using security profiles that describe the interlinking of security policies to instances of services. Meta-reasoning refers to the reflection at a conceptual level at which the domain knowledge (ontology) is separated from the control knowledge (profiles): systems can manage and reconfigure themselves without affecting their underlying implementation. Such reasoning is particularly useful within open service infrastructures as it enables us to detect, analyse and resolve multiple-policy conflicts, to decide if a change in the environment necessitates a security reconfiguration, and to decide if a suitable level of security interoperability between heterogeneous systems is achievable. This paper describes a meta-reasoning model for semantic open service environments, an application and an evaluation of the framework and its performance.

AN INTEGRATED APPROACH TO USER-CENTERED PRIVACY FOR MOBILE INFORMATION SERVICES

The evolution of powerful portable networked devices allows nomadic users seamless access to business and leisure information any time and any where. This drives service infrastructures to similarly evolve to meet new service management challenges in order to adapt information delivery to a richer spatial, temporal, and user context whilst balancing the concerns of the different stakeholders. This paper presents the use of a multi-agent system service infrastructure and associated privacy model to maintain the balance between the service providers need to maximize its knowledge of the user context against the need for the users privacy to be protected.

Policy Driven Systems for Dynamic Security Reconfiguration

Meta-reasoning models are investigated in order to deliberate about the security requirements and interoperability within open service environments. This is particularly useful within such infrastructures as it enables us to: detect, analyse and resolve multiple policy conflicts; decide if a change in the environment necessitates a security reconfiguration and to decide if a suitable level of security interoperability between heterogeneous systems is achievable.

A SEMANTIC APPROACH TO HARMONIZING SECURITY MODELS FOR OPEN SERVICES

There is a plethora of different security standards proposed by a range of standards consortia, including the IETF, W3C, and OASIS. There are also sometimes multiple configuration settings for a given security specification. In a heterogeneous open service environment, the variety of security standards and possible settings used can hinder security interoperability, because a common security configuration may not be able to be agreed upon in advance. In this paper, we have developed a generic security model expressed in an XML extension (DAML) and have investigated how to ground this in order to reuse the security specifications from various standards consortia. We have applied this model to support security discovery and dynamic security reconfiguration for use within open service infrastructures.

Securing agent-based e-banking services

Services being developed by the EU Agentcities project require, and would benefit from having security. This paper focuses on analysing and specifying agent security services for an Agentcities e-Banking service. In this version of the service we have defined a set of requirements for core, general and Multi-Multi Agent Systems (MMAS) scenarios to support confidentiality, integrity, and authentication interactions. We have applied an Abstract Security Model for mapping relationships between Assets, Safeguards, and Threats. Profiles define the mapping between these entities in order to meet the system requirements and policies represent collaboration rules to achieve the goal of meeting the requirements. Consequently, the Security Model implementation in this scenario has demonstrated that agent based commerce services are plausible in MMAS environments.

Middleware for semantic-based security and safety management of open services

The trend towards ubiquitous public services is driving the deployment of large-scale, heterogeneous, distributed information services. In order to support automated information access and processing, this information is marked up using semantic metadata models represented using ontology languages such as OWL. The use of such a semantic metadata model is twofold: to enable content-based access and to provide services that enable users and applications to select, employ, compose and monitor web-based resources automatically. Deployment of a semantic model consists of the semantic metadata model itself and the semantic services to leverage the semantic metadata within application services. The main objective of this paper is to show how an existing semantic-based security management of open services framework has been extended to improve the safety of services using a semantic error management model. It has been applied to an application that queries multiple distributed environmental database resources.

A Profile Based Security Model for the Semantic Web

The trend towards ubiquitous public services is driving the deployment of large scale, heterogeneous, semantic distributed service infrastructures. The critical and valuable assets of open services need to be protected using heterogeneous security models such as multiple domain-specific authorisation and access control mechanisms. A dynamic approach to managing inter-domain security to support openness is required. A semantic model that uses profiles, that supports policy type constraints and that supports profile-based security information interchange for multi-domain services has been developed.

Ontology mediation in heterogeneous venue services

Dynamic service synthesis is one of the key aims of the EU Agentcities project [1]. This seeks to generate new services through reusing and combining existing services. Agent-based services are commonly represented and accessed using specific ontologies and they are advertised using terms from these same ontologies. Some event-based services such as a wedding or concert, seeks to organise the event across multiple venues, it forms a horizontal layer that cuts across multiple vertical service instances such as hotel, cinema and restaurant. Hence some services naturally require the use of multiple ontologies. This paper focuses on analysing and specifying a support for ontology mediation for composing heterogeneous venue-based services. The term ontology mediation refers to the co-ordinated matching of generalised ontology name-values across multiple ontology instances. In this version of the service, the core interoperability between services is addressed by applying ontology mediation techniques where relationships, semantics and mappings of arbitrary venue ontology definitions are mediated. Consequently, the implementation demonstrates the use of dynamic creation of proxy venue agents, and this supports interoperability for venue finder agents to query, book, negotiate, and aggregate services both locally and in open service domains.