ESTIMATION OF THE SECURITY LEVEL IN A MOBILE AND UBIQUITOUS ENVIRONMENT BASED ON THE SEMANTIC WEB

Reijo Savola

Abstract

The emerging Semantic Web enables semantic discovery and systematic maintenance of information that can be used as reference data when estimating the security level of a network, or a part of it. Using suitable security metrics and ontologies, nodes can estimate the level of security from both their own and the network’s point of view. The most secure applications and communication peers can be selected based on estimation results. In this paper we discuss security level estimation in a mobile and ubiquitous environment based on the Semantic Web. An interdisciplinary security information framework can be built using the Semantic Web to offer metrics and security level information for product quality, the traffic and mobility situation, general statistical knowledge and research results having an effect on the security level.

References

  1. Berners-Lee, T., Hendler, J., and Lassila, O., 2001. The Semantic Web. In Scientific American, 284(5): 34-43.
  2. Blaze, M., Feigenbaum, J., Ioannidis, J., and Keromytis, A. D., 1999. The KeyNote Trust Management System, V 2. IETF RFC 2704, Available at: www.ietf.org
  3. Blaze, M., Feigenbaum, J., and Lacey, J., 1996. Decentralized Trust Management. In Proceedings of IEEE Symposium on Security and Privacy, 164-173.
  4. Capkun, S., Buttyán, L. and Hubaux, J-P., 20 03. SelfOrganized Public-Key Management for Mobile Ad Hoc Networks. In IEEE Transactions on Mobile Computing, Vol. 2, No. 1, 52-64.
  5. Chandrasekaran, B., Josephson, J.R., and Benjamins, V. R., 1999. What Are Ontologies, and Why Do We Need Them? In IEEE Intelligent Systems, Jan/Feb., 20-26.
  6. Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., and Ylönen, T., 1999. SPKI Certificate Theory. IETF RFC 2693, Sep. Available at: www.ietf.org
  7. Hendler, J., Berners-Lee, T., and Miller, Er., 2002. Integrating Applications on the Semantic Web. In Journal of the Institute of Electrical Engineers of Japan, Vol 122(10), October, p. 676-680.
  8. Henning, R. (ed.), 2001. Workshop on Information Security Scoring and Ranking. Information System Security Attribute Quantification or Ordering.
  9. Hubaux, J.-P., Buttyán, L., and Capkun, S., 2001. The Quest for Security in Mobile Ad Hoc Networks. In Proceedings of the 2nd ACM International Symposium of Mobile Ad Hoc Networking and Computing (MobiHoc), 146-155.
  10. Internet Engineering Task Force (IETF), 2004. MANET Working Group. Available at: www.ietf.org
  11. ISO/IEC 21827. 2002. Information Technology - Systems Security Engineering - Capability Maturity Model (SSE-CMM).
  12. Jelen, G., 2000. SSE-CMM Security Metrics. In NIST and CSSPAB Workshop, Washington, D.C..
  13. Jonsson, E., 2003. Dependability and Security Modelling and Metrics, Lecture Slides, Chalmers University of Technology, Sweden.
  14. Kagal, L., Finin, T., and Joshi, A., 2003. A Policy Language for a Pervasive Computing Environment. In Proceedings of the 4th Int. Workshop on Policies for Distributed Systems and Networks (POLICY'03).
  15. Li, N., Grosof, B. N., and Feigenbaum, J., 2003. Delegation Logic: A Logic-based Approach to Distribution Authorization. In ACM Transactions on Information and System Security, Vol. 6., No. 1., Feb., 128-171.
  16. Luo, H., Zerfos, P., Kong, J., and Zhang, L., 2002. SelfSecuring Ad Hoc Wireless Networks. In Proceedings of the 7th Int. Symposium on Computers and Communications (ISCC), 567-574.
  17. Savola, R., 2004. Estimation of the Security Level in Wireless E-Commerce Environment based on Ad Hoc Networks. In Proceedings of the 5th European Conference E-COMM-LINE, Bucharest, Romania, Oct. 21-22.
  18. U.S. Department of Defense, 1985. Trusted Computer System Evaluation Criteria (TCSEC) “Orange Book”, U. S. Department of Defense Standard, DoD 5200.28- std.
  19. Winslett, M., Yu, T., Seamons, K. E., Hess, A., Jacobson, J., Jarvis, R., Smith, B., and Yu, L., 2002. Negotiating Trust on the Web. In IEEE Internet Computing, Nov/Dec, 30-37.
  20. Yang, H., Luo, H., Ye, F., Lu, S., and Zhang, L., 2004. Security in Mobile Ad Hoc Networks: Challenges and Solutions. In IEEE Wireless Communications, Vol. 11, No.1, Feb., 38-47.
  21. Zhou, L., and Haas, Z. J., 1999. Securing Ad Hoc Networks. In IEEE Network Magazine, Vol. 13, No. 6, Nov/Dec, 24-30.
Download


Paper Citation


in Harvard Style

Savola R. (2005). ESTIMATION OF THE SECURITY LEVEL IN A MOBILE AND UBIQUITOUS ENVIRONMENT BASED ON THE SEMANTIC WEB . In Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 4: ICEIS, ISBN 972-8865-19-8, pages 256-262. DOI: 10.5220/0002551802560262


in Bibtex Style

@conference{iceis05,
author={Reijo Savola},
title={ESTIMATION OF THE SECURITY LEVEL IN A MOBILE AND UBIQUITOUS ENVIRONMENT BASED ON THE SEMANTIC WEB},
booktitle={Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 4: ICEIS,},
year={2005},
pages={256-262},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002551802560262},
isbn={972-8865-19-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 4: ICEIS,
TI - ESTIMATION OF THE SECURITY LEVEL IN A MOBILE AND UBIQUITOUS ENVIRONMENT BASED ON THE SEMANTIC WEB
SN - 972-8865-19-8
AU - Savola R.
PY - 2005
SP - 256
EP - 262
DO - 10.5220/0002551802560262