Trustworthy Semantic Web Technologies for Secure Knowledge Management Bhavani Thuraisingham and Pranav Parikh Department of Computer Science The University of Texas at Dallas Richardson, TX 75080 bhavani.thuraisingham, prp061000@utdallas.edu Abstract Semantic web technologies have many applications due to their expressive and reasoning power. At the same time, secure knowledge management is becoming a crucial area for many corporations where the data, information and knowledge including the intellectual property and the expertise in the corporation have to be protected. In this paper we explore the applications of trustworthy semantic web technologies for secure knowledge management. Keywords: Semantic Web, Knowledge Management, Security Policy, Privacy 1. Introduction Semantic web is becoming a crucial technology for many web applications. As stated by Tim Berners Lee, to make the web more useful we need machine understandable web pages. That is the web has to evolve into a semantic web. Therefore we need mechanisms to secure the semantic web technologies. One of the crucial applications of semantic web technologies is knowledge management. Knowledge management is about corporations sharing the resources, expertise, as well as building intellectual capital so that it can increase its competitiveness. Corporations with Intranets promote knowledge management as the employees can learn about various advances in technology, get corporation information and find the expertise in the corporation. Furthermore, when experts leave the corporation through retirement or otherwise, it is important to capture their knowledge and their practices so that the corporation does not lose the valuable information acquired through many years of hard work. To build a secure and learning organization, we need secure knowledge management. In this paper we discuss the application of secure semantic web technologies to secure knowledge management so that organizations can get a competitive advantage. The organization of this paper is as follows. In section 2 we discuss trustworthy semantic web techniques. Secure knowledge management and related technologies will be discussed in section 3. Application of trustworthy semantic web to secure knowledge management will be discussed in section 4. The paper is concluded in section 5. 2. Trustworthy Semantic Web Technologies 2.1 Overview Security cuts across each layer of the semantic web. One needs secure XML. That is, access must be controlled to various portions of the document for reading, browsing and modifications. There is research on securing XML and XML schemas. The next step is securing RDF. Now with RDF not only do we need secure XML, we also need security for the interpretations and semantics. For example under certain contexts, portions of the document may be Unclassified while under certain other contexts the document may be classified. Security should not be an afterthought. One needs to insert security into the system right from the beginning. Similarly security cannot be an afterthought for the semantic web. We discuss secure semantic web technologies in sections 2.2 through 2.5. For more details we refer to [1, [2]. 2.2 XML Security Various research efforts have been reported on XML security (see for example, [3]). We briefly discuss some of the key points. The main challenge is whether to give access to entire XML documents or parts of the documents. Bertino et al have developed authorization models for XML. They have focused on access control policies as well as on dissemination policies. They also considered push and pull architectures. They specified the policies in XML. 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing 978-0-7695-3492-3/08 $25.00 © 2008 IEEE DOI 10.1109/EUC.2008.174 186 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing 978-0-7695-3492-3/08 $25.00 © 2008 IEEE DOI 10.1109/EUC.2008.174 186 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing 978-0-7695-3492-3/08 $25.00 © 2008 IEEE DOI 10.1109/EUC.2008.174 186 Authorized licensed use limited to: Univ of Texas at Dallas. Downloaded on April 19,2010 at 19:32:02 UTC from IEEE Xplore. Restrictions apply.