28 Oct 2010


See also: IRC log


Jeff Waters and Don McGarry
Jeff Waters


<scribe> Scribe: Jeff Waters

<scribe> ScribeNick:jeffw

jeffw: We will have guests today to help us learn about security ontologies from 3 sigma research
... Welcome to all.
... Jim Dike, Aaron Wheeler and Michael Winburn are joining us from 3 sigma research

michael: I'll probably turn it over to jim dike for some background

jimdike: we've tended to focus on ontologies related to security domain, how to model and represent entities that are significant in that area
... what entities are relevant for security and dissemination of information, there are analogies to government work and all of the constraints and restrictions in that environment, but also in the commercial world
... so we settled on some simple concepts of defining a person and characteristics that are needed for defining a person with respect to handling info that needs to be secure
... What I mean by "secure" is bound by what types of access that person needs to have and what kind of characteristics describe the groups that define sets of restrictions, then they can be applied to the info
... but we've also applied them to transport media. Initially, it was thought they might be limited to specialized and private networks, but with the explosion of vpn, the concept of what info should go out on what vpn complicates
... people, media and transport mechanisms, how to represent all of that consistently and how to determine if something really should go from A to B
... it's a simple model but can get complicated as you scale it.
... in a commercial setting, these might represent business relationships, departments, for example a finance group, a contracts group, an engineering group, a research development group that are only interested in some info and not others
... groups of persons, groups of data items and groups of transport mechanisms, so we ended up settling on and researching how to apply ontologies and reasoners to that
... reasoners to determine consistency and validity of those relationships, and to identify the case where we would want to transport and where there are inconsistencies and contradictions
... that's where we really start to see some interesting things. It's the things you don't immediately see that are interesting. Using ontologies and reasoners, we use OWL and OWL DL to represent the ontology.
... Then with reasoners, you can see those relationships not immediately evident. We're interested in ensuring some info doesn't go where it shouldn't go.

jeffw: it seems like this is a nice generic model which can apply not just to traditional classification, but also for things like passing information from one city to another that borders on a county or state with different policies

jimdike: yes, often you have aggregations of data items, some might be more public, some might be more sensitive, but when you begin to aggregate pieces of info from multiple sources, so in business world,
... say you have a coalition of businesses working together with different disclosure agreements, so say two are more open so the info is "public" but for another entity it might be more closed
... how do you disseminate different portions of data items, and can the aggregate go to everyone or only pieces of the aggregate go to everyone, from a more simple to a more complex or complex to individual, if you model it properly, you can go in both directions
... you might have an aggregate of business info that wants to go out, as a whole, you might say too sensitive, so it doesn't go out, but then again internally organizations don't think of how to divide it up and go to different partners
... so we've looked at that in our models.

jeffw: what reasoner do you use?

jimdike: we try against multiple reasoners
... we treat them like black boxes, there are slight differences and we'll test against multiple reasoners, so we want it to be robust, we constrain the testbed to pellet, fact++, we use protege and they have a new one
... there also is an engine JENA that has a reasoner that they have. We tend to restrict ourselves to OWL DL versus OWL Full to ensure the models are deterministic.
... open world v. closed world, but for some things you want them to be deterministic

michaelWinburn: we can internally talk about what we can share

jimdike: it's fair to say that it's part of our current work to define that line between what can be public and what is proprietary, we aren't the only ones who can define a security ontology
... we want to define that line, then people can drop into it, the ontology itself is an open data standard, then reasoning and things behind it would be internal or proprietary, but to represent decisions in a way that would allow individual vendors to solve interesting problems, we could think about that
... we could think of a representation that is good for semantic uses

jeffw: it seems like a public standard and then proprietary uses would be great, I think that might be a business model, you are certainly welcome to join w3c and participate or participate as an invited expert

jimdike: yes we would be interested

jeffw: Would Don, Eva, Piotr like to ask a few questions?

Don: yes, I appreciate you presenting this in a public forum and these folks have some expertise in ontologies, and we can follow up in private as well

eblomqvi: Yes, thanks, even if some info is public when you aggregate different types of information, the original data is partially public, partially not, these are important problems and interesting to hear people are working on this

jimdike: We've been working in this area for 5 years now?

piotr_nowara: this could be a good use case in my opinion

jeffw: it seems like the mathematical foundation is a strong support for the reasoning that is a selling factor for your approach, is that correct?

jimdike: I mentioned before that we made a decision to stay with OWL DL, I have been to at least one conference where there was an academic discussion about how OWL DL is insufficient to represent the cases where real decisions can be made
... what you are doing they say is throwing the baby out with the bathwater, but we found out that there is a medium ground, you can define models and use reasoners to a certain point and then you add processing on top, you can get some desired results
... the model is good for the purpose it is built for and that is good enough, to say that it has to handle the complete domain is not a good approach. That's an important lesson we learned.

<Don> Jeff - Need to run to another meeting

<Don> thanks for putting this together

<Don> and fostering a great discussion

jimdike: Nick Drummond with Univ of Manchester in UK said this stuff is hard, ontology modeling is not for the faint of heart, keep in mind the intent and constrain yourself to that.

jimdike: for security people, the concern is is it deterministic, how do you prove this is true in the complex case and that takes a little more time, we're still in process of how to communicate that to a lay person
... it can add assistance to their process of verification, it can help speed up the work of that person

jeffw: do you have anything you can point to as a reference?

jimdike: we can get back with you on that.

jeffw: any update on paper or modeling problems?

eblomqvi: just a week and a half away, we present it as a poster, I did send it to the authors, and we need to check the format and any inputs you have. I wanted to ask if we can have some graphics and I was thinking about the prototype system, is there anything more we can show on the poster, some diagram or structure or something, that would be nice to have

jeffw: we don't have any diagram for the prototype right?

eblomqvi: any flow diagram or user interface diagram

jeffw: Piotr, any update on criteria model?

piotr_nowara: I was doing more examples, but I'll let you know when I finish that stage of my testing, I would like to share my model, perhaps on ontologydesignpatterns.org website.
... I don't know if it's good enough

eblomqvi: yes, ontologydesignpatterns would be a good place and don't worry about if it's not the final version, idea of the portal is something that people can contribute to and comment on, it's like wikipedia, you can add to it even if not sure
... we hope to increase discussion activity on the portal and at least people can see it and people can contact you directly, so please publish it on the portal

jeffw: We're out of time for today. I'd like to thank Michael, Jim and Aaron for participating today and educating us on their approach to developing an ontology to model security for information exchange. We will definitely follow up.
... Also thanks to Eva, Piotr and Don for calling in. Our next meeting will be in two weeks and you are all welcome to participate. We'll look forward to developing our decision model and applying it to our various use cases. Thanks.

Summary of Action Items

[End of minutes]

Minutes formatted by David Booth's scribe.perl version 1.135 (CVS log)
$Date: 2010/10/28 15:08:22 $

Agenda: http://www.w3.org/2005/Incubator/decision/wiki/Decision_Mtg_16_Agenda