Security Issues for the Use of Semantic Web in E-Commerce

As the ontologies are the pivotal element of the Semantic Web in E-Commerce, it is necessary to protect the ontology's integrity and availability. In addition, both suppliers and buyers will use an ontology to store confidential knowledge pertaining to their preferences or possible substitutions for certain products. Thus, parts of an ontology will need to be kept confidential.We propose to use well established standards of XML access control. E-commerce processes require the confidentiality of customer information, the integrity of product offers and the availability of the vendors' servers. Our main contribution-the introduction of a Security Ontology-helps to structure and simulate IT security risks of e-commerce players that depend on their IT infrastructure.

[1]  Sean Bechhofer,et al.  OWL: Web Ontology Language , 2009, Encyclopedia of Database Systems.

[2]  Nicholas R. Jennings,et al.  AAMAS '06: Proceedings of the Fifth International Joint Conference on Autonomous Agents and Multiagent Systems , 2006, AAMAS 2008.

[3]  Li Qin,et al.  Concept-level access control for the Semantic Web , 2003, XMLSEC '03.

[4]  Wenfei Fan,et al.  Secure XML querying with security views , 2004, SIGMOD '04.

[5]  Chun Zhang,et al.  Storing and querying ordered XML using a relational database system , 2002, SIGMOD '02.

[6]  Nicholas R. Jennings,et al.  Certified reputation: how an agent can trust a stranger , 2006, AAMAS '06.

[7]  Suresh K. Bhavnani,et al.  Strategy hubs: next-generation domain portals with search procedures , 2003, CHI '03.

[8]  Giorgos Zacharia,et al.  Trust management through reputation mechanisms , 2000, Appl. Artif. Intell..

[9]  Edgar R. Weippl,et al.  Security Ontology: Simulating Threats to Corporate Assets , 2006, ICISS.

[10]  Christoph Quix,et al.  A Three-Phase Model of Electronic Marketplaces for Software Components in Chemical Engineering , 2001, I3E.

[11]  Warwick Ford,et al.  XML Key Management Specification (XKMS) , 2001, WWW Posters.

[12]  Brigitte Günterberg,et al.  SMEs in Germany: Facts and figures 2004 , 2004 .

[13]  Sabrina De Capitani di Vimercati,et al.  A fine-grained access control system for XML documents , 2002, TSEC.

[14]  Robert J. Glushko,et al.  An XML framework for agent-based E-commerce , 1999, CACM.

[15]  Mark Bartel,et al.  Xml-Signature Syntax and Processing , 2000 .

[16]  Mark Klein,et al.  Massachusetts Institute of Technology Abraham Bernstein University of Zurich Toward High-Precision Service Retrieval , 2022 .

[17]  Edgar R. Weippl,et al.  Security Ontologies: Improving Quantitative Risk Analysis , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[18]  Peter Kranzusch,et al.  Institut für Mittelstandsforschung Bonn , 2001 .

[19]  Elisa Bertino,et al.  Secure and selective dissemination of XML documents , 2002, TSEC.

[20]  Ralf Peters,et al.  Elektronische Märkte und automatisierte Verhandlungen , 2000, Wirtschaftsinf..

[21]  Claudio Bartolini,et al.  Semantic web support for the business-to-business e-commerce lifecycle , 2002, WWW '02.

[22]  Joos Vandewalle,et al.  (How) can mobile agents do secure electronic transactions on untrusted hosts? A survey of the security issues and the current solutions , 2003, TOIT.

[23]  Diego Gambetta Can We Trust Trust , 2000 .

[24]  Matthias Jarke,et al.  Enhancing Decision and Negotiation Support in Enterprise Networks Through Semantic Web Technologies , 2002, XSW.