Enhanced Security Over Semantic Web

Published Date: 02 Nov 2017

Abstract— the importance of the semantic web technology for enterprises activities and other business sectors is addressing new patters which demand a security concern among these sectors. The security standard in the semantic web enterprises is a step towards satisfying this demand. Meanwhile, the existing security techniques used for describing security properties of the semantic web that restricts security policy specification and intersection. Furthermore, it’s common for enterprises environments to have loosely-coupled components in the security. RSA used widely to in the enterprises applications to secure long keys and the use of up-to-date implementations, but this algorithm unable to provide a high level of security among the enterprise semantic web. However, different researchers unable to identify whether they can interact in a secure manner based on RSA. Hence, this study aimed to design a new encryption model for securing the enterprise semantic web with taking in account the current RSA technique as a main source of this study.

Keywords: Agent systems, RSA, ECC, recommendation method, XML, RDF, OWL, enterprise application.

Introduction

The threats to security are increasing with the emergence of new technologies such as software agents. There have been many attacks in past where malicious agents entered into agent platforms and destroyed other active agents. Most of researchers refer to the real world scenario where malicious agent destroyed the other agents on the platform [7]. It will be very critical to focus on security when agents will be used for mission critical systems [3]. In that scenario, a security leak could cause a big harm especially among the enterprise applications over semantic web [6]. A software agent knows as an important part of semantic web [11]. The agents help to get and understand information from different semantic constructs, for instance ontologies, Resource Description Framework (RDF) and (XML).

Therefore it is important to secure data and other relevant technologies for safe enterprise semantic web. Multi-agent systems are an environment where different agents collaborate to perform a specific task [5]. The interaction leaves agents in a different enterprise semantic web vulnerable state, where malicious agent can enter to the system. For example, a malicious agent can enter in an agent platform and kill an agent that was used to perform sales. After killing that agent, this malicious agent can process the order and send the payment to wrong party [17].

The rest of this paper is organized as follows. Issues of the study are presented in section 2. Section 3 presents the proposed model. The Expected benefits are presented in section 4. Conclusion also introduced in section 5 followed by the references.

Issues of the Study

Often there has been a need to protect information from 'prying eyes'. Moreover, enterprises applications always require a high level of security. There exist several techniques and frameworks for agents' communication, among enterprise semantic web, but none of those provide cross-platform security [1]. For instance, to encrypt data communication between agents. In their technique both source and destination platforms must have a same cryptography algorithm. Most of these approaches negatively affect the performance agent’s communication. There are a number of users around the globe using the semantic web applications and a number of agents are created by those users [1]. Therefore, to reduce the bottlenecks, an ad-hoc based authentication is required for agent communication.

Enterprise Semantic Applications

The enterprise semantic applications defined as platform-independent for supporting semantic web application which written in different programming languages [8] [11]. The semantic web platform consists of a set of services and protocols that provide the functionality for developing multitiered.

The main enterprise semantic web application features can be addressed into the following:

Working together with the HTML based application that consists on RDF, OWL, and XML to build the HTML web relation or other formatted data for the client.

Provide external storage platforms’ that are transparent to the author.

Provide database connectivity, for managing and classifying the data contents.

These technologies are the important constituents of semantic web services. It is therefore very likely that these services will be agent based in the near future. The success of enterprise application will highly rely on the implementation and usage of these web services [16]. Agents can use intelligent collaborations in order to achieve global optimization while adhering to local requirements.

Figure 1 presents the enterprise communication network among its components.

Fig 1. Enterprise communication network

Encryption over Semantic Web

Generally, several methods can be used to encrypt data streams, all of which can easily be implemented through software, but not so easily decrypted when either the original or its encrypted data stream are unavailable [13]. (When both source and encrypted data are available, code breaking becomes much simpler, though it is not necessarily easy). The best encryption methods have little effect on system performance, and may contain other benefits (such as data compression) built in.

The current adopting of the new technology have brought a new ideal integration for securing and simplifying the data sharing for all components of enterprise applications [9]. The elements of enterprise application which can be possibly configured within slandered Crypto methods, Table 1 stated the Crypto algorithms comparison:

Table 1. Crypto algorithms comparison [14]

Parameter/algorithm

RSA

ECC

XTR

Key length (bits)

1024

161

Comparable with ECC

Key generation time (processor

clocks)

1 261 261 261

40 540 540,5

Less than ECC

Encryption time (processor clocks)

11 261 261,3

3 243 243 243

Comparable with ECC

RSA over Semantic Web

Because of the need to ensure that only those eyes intended to view sensitive information can ever see this information, and to ensure that the information arrives unaltered, security systems have often been employed in computer systems for governments, corporations, and even individuals [18]. Encryption schemes can be broken, but making them as hard as possible to break is the job of a good cipher designer. Figure 2 presents the RSA security process from client to server. As shown, the encrypted client data requested public key from the web decrypts using private key over the internet [15].

Fig 2. The RSA security over semantic web

This process (encryption) happens when client requests private key from server user name and password. In this way everything client type in and click on can only be decrypted by server through private key.

1>> n = pq, where p and q are distinct primes.

2>>phi, φ = (p-1)(q-1)

3>> e < n such that gcd(e, phi)=1

4>> d = e-1 mod phi.

5>> c = me mod n, 1<m<n.

6>> m = cd mod n.

RSA Crypto example

The Proposed Model

As known, the representing and accessing of the web contents among platforms are determined to be a more recent innovation; most of this representation involves the use of other techniques such as (RDF, XML, and OWL) these technologies works together to link systems together. Enterprise application platform independent facing several security problems in data sharing and accessing which enable web services to work across low level of security. However, the communication process in these platforms (Enterprise application) from the client to the service uses certain technology that helps to translate the client data and assign its security level based XML as the common language. This allows one application to call the services of another application over the network by sending an XML message to it.

Thus, our proposed model will be more efficient in a way that there is no need for agents communication by encrypting the client requests into public store, which reduces the processing and communication time. Also our proposed model will be platform independent because there is no need to maintain standards for cross-platform agents’ communication security.

In a pervasive environment, trust can be used for collaboration among devices. Trust can be computed automatically without user interference on the basis of direct and indirect communication [2]. In the direct communication or observation mode the device user’s interaction history is considered. For this purpose a trust value is assigned to each identity in the trust database [12]. There exist some formulas such as (Observations and recommendations) that use to calculate the single trust value for the user on the basis of observations and recommendations [2].

This study applies the recommendations technique which aims to specify a degree of trust for each person in the network, for automating trust, which is also called indirect communication [4]. Therefore the observation and recommendation are used together to generate a trust value for a user. Given a user trust value, a trust category is assigned to user with a value of low, medium or high. The trust values should be regularly monitored because when a new recommendation is received new trust value is compared with its old value and trust database is updated by the enterprise application services for single and multi accessing which operate the use access accordingly.

Recommendations are another method of automating trust, which is also called indirect communication [16].

Therefore the observation is used together to generate a trust value for a user. Given a user trust value, a trust category is assigned to user with a value of low, medium or high. The access rights distribution is performed on the basis of the category value. The trust values should be regularly monitored because when a new recommendation is received new trust value is compared with its old value and trust database is updated by update trust category accordingly.

Figure3 and 4 presents the type of trust over enterprise applications which model the logical relationship between the nodes. These nods will be classified into several groups such as:

Process Request Group: A request for a service group composed of nodes, node I and node n.

Register Level Group Provider Group: to provide a service in the network of nodes that comprises the group, as these nodes share certain files, or the provision of certain goods purchases.

Trust Level Group: trust nodes that comprise the group, node m1, node m2 and node m3.

Save trust nodes Group: trust network, trust in other nodes on the path formed by the agent.

Fig 3. Two type of trust for agent registration level (public store)

Fig 4. Truest network based recommendation and observation

the proposed Security Model over Enterprise semantic web

Fig 5. Enterprise Crypto process over semantic web applications

In Figure 5 an agent for registration level outside the environment sends a request to server for registration, server registers it with the lowest security level. With the passage of time the agent becomes more trustworthy based on observations and recommendations.

Delegation is the most important feature in our proposed mechanism through which an agent can delegate set of its rights to another agent for specific period of time. In summary of the whole discussion, we proposed a multi-layered security level mechanism whereby an agent enters in the environment with a low level of security and achieves the higher level of security as it survives in the environment.

The Expected Benefits

The expected benefits from the proposed security architecture can be determined the following:

Manage user access by level or authority

this could be done by allowing administrators or trusted clients to access and share the information across platform based on the retrieved recommendation. Furthermore, this feature will helps to assigns different authorities to different administrators based on specific levels that identified by agent.

Determine the Client behavior

Moreover, the proposed architecture can be capable of customizing the client behaviors based on the security policy contents that over legal clients to use its services and guard against unauthorized use.

Provide a High reliability

Adopting agent systems will helps to simplify the communication performance between client and server.

Conclusion

This study aimed to provide a reliable security model for the enterprises semantic web applications based on recommendation method. Meanwhile, the best way for representing and organizing the security for all web resources based platform involves the use of a centralized, identity centric web security system along with a certain language for translating the client request into understandable order based policy enforcement point. Finally, this study was succeeded to determine the working process of the proposed model among web application; also expected benefits were reported in term of Crypto agent technology and recommendation method for assigning the security level for the clients in these applications.