Yucong Duan,Xiaobing Sun,Haoyang Che,Chunjie Cao,Zhao Li,Xiaoxian Yang

DOI: https://doi.org/10.1109/access.2019.2931365

IF: 3.9

2019-01-01

IEEE Access

Abstract:Currently, with the growth of the Internet of Things devices and the emergence of massive edge resources, security protection content has not only empowered IoT devices with the accumulation of networked computing and storage as a flexible whole but also enabled storing, transferring and processing DIKW (data, information, knowledge, and wisdom) content at the edge of the network from multiple devices in a mobile manner. However, understanding various DIKW content or resources poses a conceptual challenge in unifying the semantics of the core concepts as a starting point. Through building metamodels of the DIKW framework, we propose to cognitively formalize the semantics of the key elements of the DIKW in a conceptual process. The formalization centers on modeling the perceived world only by relationships or semantics as the prime atomic comprising elements. Based on this cognitive world model, we reveal the difference between relationships and entities during the conceptualization process as a foundation for distinguishing data and information. Thereafter, we show the initial case for using this formalization to construct security protection solutions for edge computing scenarios centering on type conversions among typed resources formalized through our proposed formalization of the DIKW.

Yucong Duan,Zhihui Lu,Zhangbing Zhou,Xiaobing Sun,Jie Wu

DOI: https://doi.org/10.1016/j.engappai.2019.03.002

IF: 8

2019-01-01

Engineering Applications of Artificial Intelligence

Abstract:Current trend of shifting computing from centralized Cloud to Edge has not only empowered huge amount of IoT devices with the capability of the accumulation of individualized computing and storage as a flexible whole, but also brought along new privacy challenges originating in emerging new usage requests on the accumulated content or resources from multiple sources of various integrated devices at the Edge. In this work, we focus on modeling the privacy content of multiple sources through mapping them as resources of types of Data, Information and Knowledge in the well-known DIKW architecture. We propose to categorize content objects and relationships uniformly as typed resources of data, information, and knowledge, according to our formalized DIKW architecture composing a meta model of DIKW and extended Data Graph, Information Graph and Knowledge Graph. We further propose to categorize target privacy resources of data and information according to their presence in the modeled searching space in our DIKW architecture as explicit and implicit divisions. Thereafter we propose protection solutions according to explicit and implicit divisions for privacy target concerning typed data. The efficiency and performance potential of our processing solution originates in a multiple dimensional modeling strategy of typed data, which is modeled solely with various frequencies of various meta level dimensions.

Jinfei Liu,Li Xiong,Jun Luo

2013-01-01

Abstract:In this paper we illustrate a privacy framework named Indistinguishabley Privacy. Indistinguishable privacy could be deemed as the formalization of the existing privacy definitions in privacy preserving data publishing as well as secure multi-party computation. We introduce three representative privacy notions in the literature, Bayes-optimal privacy for privacy preserving data publishing, differential privacy for statistical data release, and privacy w.r.t. semi-honest behavior in the secure multi-party computation setting, and prove they are equivalent. To the best of our knowledge, this is the first work that illustrates the relationships of these privacy definitions and unifies them through one framework.

Wei Wang,Yin Zhang,Baogang Wei,Yiming Li

DOI: https://doi.org/10.1007/978-3-642-54930-4_38

2014-01-01

Abstract:In Digital Library, information is often stored in unstructured and semi-structured textual form. Domain modeling techniques are used for specific domain knowledge services in order to make use of the massive amounts of textual information. Ontology is an efficient way to build specific domain model for abstraction of concepts and relations. In this , we propose an ontology-based domain modeling framework, CADAL-ODM, to structure domain model. CADAL-ODM is designed to provide multi-level and multi-granularity knowledge services in order to meet the various requirements of users in digital library instead of basic reading service. We explain our work by which knowledge is extracted automatically from the unstructured and semi-structured documents. Specific domain model is structured by specific domain ontology description and extracted knowledge. We evaluate the framework with real data sets, specifically, the medical records of TCM documents set from CADAL.

Chen Yan,Hocheol Shin,Connor Bolton,Wenyuan Xu,Yongdae Kim,Kevin Fu

DOI: https://doi.org/10.1109/sp40000.2020.00026

2020-01-01

Abstract:Over the last six years, several papers demonstrated how intentional analog interference based on acoustics, RF, lasers, and other physical modalities could induce faults, influence, or even control the output of sensors. Damage to the availability and integrity of sensor output carries significant risks to safety-critical systems that make automated decisions based on trusted sensor measurement. Established signal processing models use transfer functions to express reliability and dependability characteristics of sensors, but existing models do not provide a deliberate way to express and capture security properties meaningfully. Our work begins to fill this gap by systematizing knowledge of analog attacks against sensor circuitry and defenses. Our primary contribution is a simple sensor security model such that sensor engineers can better express analog security properties of sensor circuitry without needing to learn significantly new notation. Our model introduces transfer functions and a vector of adversarial noise to represent adversarial capabilities at each stage of a sensor's signal conditioning chain. The primary goals of the systematization are (1) to enable more meaningful quantification of risk for the design and evaluation of past and future sensors, (2) to better predict new attack vectors, and (3) to establish defensive design patterns that make sensors more resistant to analog attacks.

Di Wu,Yabo Dong,Jian Lin,Miaoliang Zhu

DOI: https://doi.org/10.1007/11563952_52

2005-01-01

Abstract:The fast development of E-Commerce and information technology brings much higher requirements for enterprise informationization. Because of the differences in platforms, development languages and standards etc, enterprise application integration (EAI) has become the important form of enterprise informationization to support complex business processes. Web services have emerged as the next generation of integration technology which provides the power to support interoperability. However EAI doesn’t just present new interoperability challenges; it also presents serious privacy and security challenges. This paper presents security architecture of Web Services based EAI which uses distributed Single Sign On authentication and distributed Role-based Access Control authorization. The basic concept and prototype system of the security architecture are described in detail.

Michael Grieves

DOI: https://doi.org/10.3390/knowledge4020007

2024-03-25

Knowledge

Abstract:This paper will discuss Data, Information, Knowledge, and Wisdom, which is commonly referred to as DIKW. The DIKW Pyramid Model is a hierarchical model that is often referenced in both academic and practitioner circles. This model will be discussed and shown to be faulty on several levels, including a lack of definitional agreement. A new DIKW framework with systems orientation will be proposed that focuses on what the DIKW elements do in the way humans think, not what they are by definition. Information as a replacement for wasted physical resources in goal-oriented tasks will be a central organizing point. The paper will move the DIKW discussion to the computer-based concept of Digital Twins (DTs) and its augmentation of how we can use DIKW to be more effective and efficient. This will especially be the case as we move toward Intelligent Digital Twins (IDTs) with Artificial Intelligence (AI).

Yong Liu,Congfu Xu,Qiong Zhang,Yunhe Pan

2006-01-01

Abstract:Modeling complex architectures is quite challenging. We introduce a novel intelligent system, which can generate semi-style or semi-structure Chinese ancient architectures automatically. By using an ontology based approach to analyze the styles of different architectures, geometry primitives (e.g. point, line, triangle, etc.) are converted into semantic architecture components (e.g. window, gate, roof, etc.) as knowledge. The following modeling process can be performed at different semantic levels, and it is appealing to users having domain knowledge. This intelligent architecture modeling system has been successfully applied in the digital heritage project for ancient architectures in southeast China.

Yanfei Liu,Peng Gao,Bowen Mao,Haoran Yuan,Zhenhua Wang,Yucong Duan

DOI: https://doi.org/10.1109/HPCC-DSS-SmartCity-DependSys60770.2023.00157

2023-12-17

Abstract:“Construction of anti-Terrorism Intelligence Graph Based on the DIKW Framework” simplifies the process of handling decentralized and diverse sources of intelligence in counter-terrorism. It uses the DIKW model to consolidate and structure data for better efficiency. It creates a data graph to illustrate relationships, making data more accessible. This data is then used to form an information graph, connecting data with relevant knowledge. From this, intelligent models are extracted, aiding in counter-terrorism prevention and prediction. This approach emphasizes transforming data into intelligence and knowledge hierarchically to improve counter-terrorism efforts.

Political Science,Computer Science

Yingbo Li,Yucong Duan,Zakaria Maama,Haoyang Che,Anamaria-Beatrice Spulber,Stelios Fuentes

DOI: https://doi.org/10.1155/2021/6671628

2021-06-30

Abstract:Privacy protection has recently been in the spotlight of attention to both academia and industry. Society protects individual data privacy through complex legal frameworks. The increasing number of applications of data science and artificial intelligence has resulted in a higher demand for the ubiquitous application of the data. The privacy protection of the broad Data-Information-Knowledge-Wisdom (DIKW) landscape, the next generation of information organization, has taken a secondary role. In this paper, we will explore DIKW architecture through the applications of the popular swarm intelligence and differential privacy. As differential privacy proved to be an effective data privacy approach, we will look at it from a DIKW domain perspective. Swarm Intelligence can effectively optimize and reduce the number of items in DIKW used in differential privacy, thus accelerating both the effectiveness and the efficiency of differential privacy for crossing multiple modals of conceptual DIKW. The proposed approach is demonstrated through the application of personalized data that is based on the open-sourse IRIS dataset. This experiment demonstrates the efficiency of Swarm Intelligence in reducing computing complexity.

Artificial Intelligence,Neural and Evolutionary Computing

Andrei Brazhuk

2023-03-20

Abstract:For a long time threat modeling was treated as a manual, complicated process. However modern agile development methodologies and cloud computing technologies require adding automatic threat modeling approaches. This work considers two challenges: creating a set of machine-readable data flow diagrams that represent real cloud based applications; and usage domain specific knowledge for automatic analysis of the security aspects of such applications. The set of 180 semantic diagrams (ontologies and knowledge graphs) is created based on cloud configurations (Docker Compose); the set includes a manual taxonomy that allows to define the design and functional aspects of the web based and data processing applications; the set can be used for various research in the threat modeling field. This work also evaluates how ontologies and knowledge graphs can be used to automatically recognize patterns (mapped to security threats) in diagrams. A pattern represents features of a diagram in form of a request to a knowledge base, what enables its recognition in a semantic representation of a diagram. In an experiment four groups of the patterns are created (web applications, data processing, network, and docker specific), and the diagrams are examined by the patterns. Automatic results, received for the web applications and data processing patterns, are compared with the manual taxonomy in order to study challenges of automatic threat modeling.

Cryptography and Security,Artificial Intelligence

Karolina Bataityte,Vassil Vassilev,Olivia Jo Gill

DOI: https://doi.org/10.1007/978-3-030-49161-1_31

2020-01-01

Abstract:Modelling of knowledge and actions in AI has advanced over the years but it is still a challenging topic due to the infamous frame problem, the inadequate formalization and the lack of automation. Some problems in cyber security such as logical vulnerability, risk assessment, policy validation etc. still require formal approach. In this paper we present the foundations of a new formal framework to address these challenges. Our approach is based on three-level formalisation: ontological, logical and analytical levels. Here we are presenting the first two levels which allow to model the security policies and provide a practical solution to the frame problem by efficient utilization of parameters as side effects. Key concepts are the situations, actions, events and rules. Our framework has potential use for analysis of a wide range of transactional systems within the financial, commercial and business domains and further work will include analytical level where we can perform vulnerability analysis of the model.

Yuri Gil Dantas,Vivek Nigam

DOI: https://doi.org/10.1145/3565269

2022-09-30

Abstract:During the design of safety-critical systems, safety and security engineers make use of architecture patterns, such as Watchdog and Firewall, to address identified failures and threats. Often, however, the deployment of safety architecture patterns has consequences on security, e.g., the deployment of a safety architecture pattern may lead to new threats. The other way around may also be possible, i.e., the deployment of a security architecture pattern may lead to new failures. Safety and security co-design is, therefore, required to understand such consequences and trade-offs, in order to reach appropriate system designs. Currently, architecture pattern descriptions, including their consequences, are described using natural language. Therefore, their deployment in system design is carried out manually by experts, thus time-consuming and prone to human-error, especially given the high system complexity. We propose the use of semantically-rich architecture patterns to enable automated support for safety and security co-design by using Knowledge Representation and Reasoning (KRR) methods. Based on our domain-specific language, we specify reasoning principles as logic specifications written as answer-set programs. KRR engines enable the automation of safety and security co-engineering activities, including the automated recommendation of which architecture patterns can address failures or threats, and consequences of deploying such patterns. We demonstrate our approach on an example taken from the ISO 21434 standard.

Nicolas Boltz,Sebastian Hahner,Christopher Gerking,Robert Heinrich

2024-03-14

Abstract:The growing interconnection between software systems increases the need for security already at design time. Security-related properties like confidentiality are often analyzed based on data flow diagrams (DFDs). However, manually analyzing DFDs of large software systems is bothersome and error-prone, and adjusting an already deployed software is costly. Additionally, closed analysis ecosystems limit the reuse of modeled information and impede comprehensive statements about a system's security. In this paper, we present an open and extensible framework for data flow analysis. The central element of our framework is our new implementation of a well-validated data-flow-based analysis approach. The framework is compatible with DFDs and can also extract data flows from the Palladio architectural description language. We showcase the extensibility with multiple model and analysis extensions. Our evaluation indicates that we can analyze similar scenarios while achieving higher scalability compared to previous implementations.

Software Engineering,Cryptography and Security

Jennifer Rowley

DOI: https://doi.org/10.1177/0165551506070706

2007-02-15

Journal of Information Science

Abstract:This paper revisits the data-information-knowledge-wisdom (DIKW) hierarchy by examining the articulation of the hierarchy in a number of widely read textbooks, and analysing their statements about the nature of data, information, knowledge, and wisdom. The hierarchy referred to variously as the ‘Knowledge Hierarchy’, the ‘Information Hierarchy’ and the ‘Knowledge Pyramid’ is one of the fundamental, widely recognized and ‘taken-for-granted’ models in the information and knowledge literatures. It is often quoted, or used implicitly, in definitions of data, information and knowledge in the information management, information systems and knowledge management literatures, but there has been limited direct discussion of the hierarchy. After revisiting Ackoff’s original articulation of the hierarchy, definitions of data, information, knowledge and wisdom as articulated in recent textbooks in information systems and knowledge management are reviewed and assessed, in pursuit of a consensus on definitions and transformation processes. This process brings to the surface the extent of agreement and dissent in relation to these definitions, and provides a basis for a discussion as to whether these articulations present an adequate distinction between data, information, and knowledge. Typically information is defined in terms of data, knowledge in terms of information, and wisdom in terms of knowledge, but there is less consensus in the description of the processes that transform elements lower in the hierarchy into those above them, leading to a lack of definitional clarity. In addition, there is limited reference to wisdom in these texts.

computer science, information systems,information science & library science

Dan Wang,Xiaofeng Li,Bin Gu,Yue Cao,Yusheng Liu

DOI: https://doi.org/10.1109/icmra59796.2023.10708094

2023-01-01

Abstract:The rising interdisciplinarity and complexity of the Distributed Automation Systems (DASs) require the systems to be modeled in an unambiguous and high-level abstract way for cross-discipline/stage communication and interoperability in the Model-Driven Development (MDD) lifecycle. The concept of the System Architecture Model in systems engineering has been adopted for this challenge. To support the creation and analysis of this model, a modeling framework with a modeling methodology, modeling language, knowledge base, and related toolkit is established based on SysML and Semantic Web Technologies. A modeling methodology which is the core of the framework for modeling the architecture of DASs is formally defined with domain-specificity, comprehensiveness, discipline-neutrality, and platform-independency. Based on it, the SysML-DAS modeling language is extended from SysML, and the System Architecture Ontology is built with the help of the Knowledge Extraction Tool. This ontology works as the knowledge base not only to provide a unified and unambiguous view of the system but also to support the automated accomplishment of tasks in the MDD process. As a typical task, the semantic correctness and integrity of the system architecture model can be assessed by the Knowledge Analysis Tool in this framework.

Bo Zhou,Curtis Maines,Stephen Tang,Qi Shi,Po Yan,Qiang Yang

DOI: https://doi.org/10.1109/tcss.2018.2878921

2018-01-01

IEEE Transactions on Computational Social Systems

Abstract:Social Internet-of-Things (SIoT) environment comprises not only smart devices but also the humans who interact with these IoT devices. The benefits of such system are overshadowed due to the cyber security issues. A novel approach is required to understand the security implication under such a dynamic environment while taking both the social and technical aspects into consideration. This paper addressed such challenges and proposed a 3-D security modeling platform that can capture and model the security requirements in the SIoT environment. The modeling process is graphical notation based and works as a security extension to the Business Process Model and Notation. Still, it utilizes the latest 3-D game technology; thus, the security extensions are generated through the third dimension. Consequently, the introduction of security extensions will not increase the complexity of the original SIoT scenario, while keeping all the key information on the same platform. Together with the proposed security ontology, these comprehensive security notations created a unique platform that aims at addressing the ever complicated security issues in the SIoT environment.

Yepeng Ding,Hiroyuki Sato

DOI: https://doi.org/10.1109/TrustCom60117.2023.00230

2024-06-02

Abstract:Best practices of self-sovereign identity (SSI) are being intensively explored in academia and industry. Reusable solutions obtained from best practices are generalized as architectural patterns for systematic analysis and design reference, which significantly boosts productivity and increases the dependability of future implementations. For security-sensitive projects, architects make architectural decisions with careful consideration of security issues and solutions based on formal analysis and experiment results. In this paper, we propose a model-driven security analysis framework for analyzing architectural patterns of SSI systems with respect to a threat model built on our investigation of real-world security concerns. Our framework mechanizes a modeling language to formalize patterns and threats with security properties in temporal logic and automatically generates programs for verification via model checking. Besides, we present typical vulnerable patterns verified by SecureSSI, a standalone integrated development environment, integrating commonly used pattern and attacker models to practicalize our framework.

Cryptography and Security

Weiwu Ren,Liang Hu,Kuo Zhao,Bing Jia

DOI: https://doi.org/10.4028/www.scientific.net/amr.694-697.2466

2013-01-01

Advanced Materials Research

Abstract:Semantic modeling has become indispensable to integrate various specific security issues of Internet of Things. How to describe attack scenarios and how to define an intrusion unambiguously has been an urgent problem. For solving two above problems, a new three-level information security ontology model is proposed, which is an initial attempt to solve security issues by means of ontology technology. Five top classes are proposed in the domain ontology level. Then their subclasses are also proposed on the basis of actual scenarios in the local ontology level. Our intelligent laboratory, as experiment scenarios, is partly instantiated.

DIEGO CALVANESE,MARCO MONTALI,MARLON DUMAS,FABRIZIO M. MAGGI

DOI: https://doi.org/10.1017/S1471068418000479

2019-10-07

Theory and Practice of Logic Programming

Abstract:The Decision Model and Notation (DMN) is a recent Object Management Group standard for the elicitation and representation of decision models and for managing their interconnection with business processes. DMN builds on the notion of decision tables and their combination into more complex decision requirements graphs (DRGs), which bridge between business process models and decision logic models. DRGs may rely on additional, external business knowledge models, whose functioning is not part of the standard. In this work, we consider one of the most important types of business knowledge, namely, background knowledge that conceptually accounts for the structural aspects of the domain of interest, and propose decision knowledge bases (DKBs), which semantically combine DRGs modeled in DMN, and domain knowledge captured by means of first-order logic with datatypes. We provide a logic-based semantics for such an integration, and formalize different DMN reasoning tasks for DKBs. We then consider background knowledge formulated as a description logic (DL) ontology with datatypes, and show how the main verification tasks for DMN in this enriched setting can be formalized as standard DL reasoning services and actually carried out in ExpTime. We discuss the effectiveness of our framework on a case study in maritime security.

computer science, theory & methods, software engineering,logic