Security ontology to facilitate web service description and discovery

Authors:
Anya Kim;Jim Luo;Myong Kang
Affiliations:
Center for High Assurance Computer Systems, Naval Research Laboratory, Washington, DC;Center for High Assurance Computer Systems, Naval Research Laboratory, Washington, DC;Center for High Assurance Computer Systems, Naval Research Laboratory, Washington, DC
Venue:
Journal on data semantics IX
Year:
2007

Citing 7
Cited 3

Security in Computing

Security in Computing
Importing the Semantic Web in UDDI

CAiSE '02/ WES '02 Revised Papers from the International Workshop on Web Services, E-Business, and the Semantic Web
Role-Based Access Control

Role-Based Access Control
External Matching in UDDI

ICWS '04 Proceedings of the IEEE International Conference on Web Services
Adding OWL-S Support to the Existing UDDI Infrastructure

ICWS '06 Proceedings of the IEEE International Conference on Web Services
An approach for semantic query processing with UDDI

OTM'05 Proceedings of the 2005 OTM Confederated international conference on On the Move to Meaningful Internet Systems
Security ontology for annotating resources

OTM'05 Proceedings of the 2005 OTM Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, COA, and ODBASE - Volume Part II

Basis for an integrated security ontology according to a systematic review of existing proposals

Computer Standards & Interfaces
Domain-Specific multi-modeling of security concerns in service-oriented architectures

WS-FM'11 Proceedings of the 8th international conference on Web Services and Formal Methods
Ontology-based representation of reusable security requirements for developing secure web applications

International Journal of Internet Technology and Secured Transactions

Quantified Score

Hi-index	0.00

Visualization

Abstract

Annotation with security-related metadata enables discovery of resources that meet security requirements. This paper presents the NRL Security Ontology, which complements existing ontologies in other domains that focus on annotation of functional aspects of resources. Types of security information that could be described include mechanisms, protocols, objectives, algorithms, and credentials in various levels of detail and specificity. The NRL Security Ontology is more comprehensive and better organized than existing security ontologies. It is capable of representing more types of security statements and can be applied to any electronic resource. The class hierarchy of the ontology makes it both easy to use and intuitive to extend. We applied this ontology to a Service Oriented Architecture to annotate security aspects of Web service descriptions and queries. A refined matching algorithm was developed to perform requirement-capability matchmaking that takes into account not only the ontology concepts, but also the properties of the concepts.