Difference between revisions of "April 13th, 2010 Security Conference Call"
Line 38: | Line 38: | ||
===3. Updates/Discussion=== | ===3. Updates/Discussion=== | ||
+ | ====Security and Privacy Ontology Project==== | ||
+ | *Mike attended the SOA Ontology project call on Monday, April 12 and reported that Protégé v.4.0.2 has been selected for use (the most recent and stable version of Protégé) | ||
+ | *Mike also reported on discussions taking place within the OASISXACML committee with respect to ontologies | ||
+ | **The committee approved a work item to investigate ontologioes and a follow up call took place with Jericho Systems to discuss strategies and determine how Jericho would be involved. The management of Jericho is concerned about how this work might impact their products so this needs to be resolved. | ||
+ | *The Security and Privacy Ontology project will be following the OASIS XACML committee activities as well as the SOA Ontology project as there are there opportunities for us to harmonize wit those efforts | ||
+ | *The focus of the rest of today’s meeting (which extended into the CBCC WG) for the next two hours was a presentation of the work underway by Tony Weida on developing an ontology for Role-based Access Control using Protégé. (The demonstration today was using the alpha version of Protégé v.4.1) | ||
+ | **Tony began with an [http://gforge.hl7.org/gf/download/docmanfileversion/5561/7128/OWLProt%C3%A9g%C3%A9andSecurity-PrivacyOntology.pdf overview] of Description Logic (DL), OWL and the Protégé-OWL editor plug-in. Tony then proceeded into the RBAC ontology demonstration. | ||
+ | |||
+ | Some important concepts related to ontologies that were touched on include: | ||
+ | *Classes versus individuals | ||
+ | **Classes: when you’re dealing with a kind-of-something (concepts) and when you want to allow further precision | ||
+ | **Individuals: when you’re dealing with things that have an identity and can be counted (atoms), or you don’t need further precision. | ||
+ | *Open world assumption: Anything may be true unless it is proven false. | ||
+ | **This contrasts with the Closed-world assumption (e.g., database) where anything that cannot be found is assumed to be false. | ||
+ | *Necessary and Sufficient Conditions: | ||
+ | *Primitive classes versus Fully Defined classes | ||
+ | *Subsumption | ||
+ | *Disjointness: Classes are not disjoint by default; partial overlap of classes is assumed. Disjointness must be made explicit. | ||
+ | *No unique name assumption: |
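Review bot: The added bullets "Necessary and Sufficient Conditions:" and "No unique name assumption:" end in a colon with nothing after it, unlike the open world and disjointness bullets, which carry a one-line explanation; either record the definition given in the presentation or drop the colon. The added text also needs a spelling pass: "OASISXACML" is missing the space used two lines later in "OASIS XACML", and "ontologioes", "there are there opportunities" and "wit those efforts" are typos.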
Revision as of 21:09, 15 April 2010
Security Working Group Meeting
Attendees
- Tabitha Albertson
- Steven Connolly
- Mike Davis Security Co-chair
- Suzanne Gonzales-Webb CBCC Co-chair
- Miles Hale
- Don Jorgenson
- Jim Kretz
- Galen Mulrooney
- Milan Petkovic
- Pat Pyette
- Ioana Singureanu
- Cliff Thompson
- Richard Thoreson CBCC Co-chair
- Serafina Versaggi
- Tony Weida
Agenda
- (05 min) Roll Call, Approve minutes 6 April 2010 & Accept Agenda
- (55 min) Security and Privacy Ontology Project
- Protégé Demonstration: RBAC Operations (Tony Weida)
- Ongoing Work
- PASS Audit
- US Realm Value Sets
Minutes
1. Action Items
Reminder: Composite Security and Privacy Domain Analysis Model ballot is now open. Please vote!
2. Resolutions
Minutes of 6 April were approved. Motion to approve by Mike Davis, seconded by Suzanne Gonzales-Webb
3. Updates/Discussion
Security and Privacy Ontology Project
- Mike attended the SOA Ontology project call on Monday, April 12 and reported that Protégé v.4.0.2 has been selected for use (the most recent and stable version of Protégé)
- Mike also reported on discussions taking place within the OASIS XACML committee with respect to ontologies
  - The committee approved a work item to investigate ontologies, and a follow-up call took place with Jericho Systems to discuss strategies and determine how Jericho would be involved. The management of Jericho is concerned about how this work might impact their products, so this needs to be resolved.
- The Security and Privacy Ontology project will be following the OASIS XACML committee activities as well as the SOA Ontology project, as there are opportunities for us to harmonize with those efforts
- The focus of the rest of today’s meeting (which extended into the CBCC WG) for the next two hours was a presentation of the work underway by Tony Weida on developing an ontology for Role-based Access Control using Protégé. (The demonstration today was using the alpha version of Protégé v.4.1)
  - Tony began with an overview of Description Logic (DL), OWL and the Protégé-OWL editor plug-in. Tony then proceeded into the RBAC ontology demonstration.
Some important concepts related to ontologies that were touched on include:
- Classes versus individuals
  - Classes: when you’re dealing with a kind-of-something (concepts) and when you want to allow further precision
  - Individuals: when you’re dealing with things that have an identity and can be counted (atoms), or you don’t need further precision.
- Open world assumption: Anything may be true unless it is proven false.
  - This contrasts with the Closed-world assumption (e.g., database) where anything that cannot be found is assumed to be false.
- Necessary and Sufficient Conditions:
- Primitive classes versus Fully Defined classes
- Subsumption
- Disjointness: Classes are not disjoint by default; partial overlap of classes is assumed. Disjointness must be made explicit.
- No unique name assumption:
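
The open-world, closed-world, subsumption and disjointness points in the list above, as an added Python example (not part of the minutes and not taken from the Protégé RBAC ontology that was demonstrated). The role names, individuals and the toy knowledge base are constructed for illustration; this is a sketch of the semantics, not an OWL reasoner.

```python
# Constructed sample data: role classes and asserted memberships.
SUBCLASS_OF = {"Physician": "Clinician", "Nurse": "Clinician"}  # subsumption
ASSERTED = {("alice", "Physician"), ("bob", "Nurse"), ("bob", "BillingClerk")}
# One explicit disjointness axiom (a separation-of-duty style constraint).
SOD = {frozenset(("Clinician", "BillingClerk"))}


def superclasses(cls):
    """Return cls followed by every class that subsumes it."""
    chain = [cls]
    while chain[-1] in SUBCLASS_OF:
        chain.append(SUBCLASS_OF[chain[-1]])
    return chain


def known_classes(individual):
    """All classes the individual provably belongs to."""
    return {sup for ind, cls in ASSERTED if ind == individual
            for sup in superclasses(cls)}


def closed_world(individual, cls):
    """Database-style answer: what cannot be found is false."""
    return cls in known_classes(individual)


def open_world(individual, cls, disjoint):
    """True or False only when provable; None means unknown."""
    known = known_classes(individual)
    if cls in known:
        return True
    # Membership is refuted only through an explicit disjointness axiom
    # on cls or on one of the classes that subsume it.
    for sup in superclasses(cls):
        if any(frozenset((sup, k)) in disjoint for k in known):
            return False
    return None


def inconsistent(individual, disjoint):
    """True when the individual sits in two classes declared disjoint."""
    known = known_classes(individual)
    return any(pair <= known for pair in disjoint)


if __name__ == "__main__":
    print(closed_world("alice", "BillingClerk"))       # absent, so false
    print(open_world("alice", "BillingClerk", set()))  # no axiom: unknown
    print(open_world("alice", "BillingClerk", SOD))    # refuted by axiom
    print(inconsistent("bob", set()), inconsistent("bob", SOD))
```

Without the disjointness axiom, bob holding both Nurse and BillingClerk is an ordinary overlap of classes; only once the axiom is stated does the same data become a detectable conflict.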