Abstract
As the ontologies are the pivotal element of the Semantic Web in E-Commerce, it is necessary to protect the ontology’s integrity and availability. In addition, both suppliers and buyers will use an ontology to store confidential knowledge pertaining to their preferences or possible substitutions for certain products. Thus, parts of an ontology will need to be kept confidential. We propose to use well established standards of XML access control. E-commerce processes require the confidentiality of customer information, the integrity of product offers and the availability of the vendors’ servers. Our main contribution-the introduction of a Security Ontology-helps to structure and simulate IT security risks of e-commerce players that depend on their IT infrastructure.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Bhavnani, S.K., et al.: Strategy hubs: next-generation domain portals with search procedures. In: CHI ’03: Proceedings of the SIGCHI conference on Human factors in computing systems, Ft. Lauderdale, Florida, USA, pp. 393–400. ACM Press, New York (2003), doi:10.1145/642611.642680
Bertino, E., Ferrari, E.: Secure and selective dissemination of xml documents. ACM Trans. Inf. Syst. Secur. 5(3), 290–331 (2002), doi:10.1145/545186.545190
Claessens, J., Preneel, B., Vandewalle, J. (How) can mobile agents do secure electronic transactions on untrusted hosts? A survey of the security issues and the current solutions. ACM Trans. Inter. Tech. 3(1), 28–48 (2003), doi:10.1145/643477.643479
Damiani, E., et al.: A fine-grained access control system for xml documents. ACM Trans. Inf. Syst. Secur. 5(2), 169–202 (2002), doi:10.1145/505586.505590
ebay (2007), http://www.ebay.com/
ebsemantics (2006), http://www.ebsemantics.org
Ekelhart, A., et al.: Security ontology: Simulating threats to corporate assets. In: Bagchi, A., Atluri, V. (eds.) ICISS 2006. LNCS, vol. 4332, pp. 249–259. Springer, Heidelberg (2006)
Ekelhart, A., et al.: Security ontologies: Improving quantitative risk analysis. In: Proceedings of the 40th Hawaii International Conference on System Sciences (HICSS 2007) (Jan. 2007)
Fan, W., Chan, C.-Y., Garofalakis, M.: Secure xml querying with security views. In: SIGMOD ’04: Proceedings of the 2004 ACM SIGMOD international conference on Management of data, Paris, France, pp. 587–598. ACM Press, New York (2004), doi:10.1145/1007568.1007634
Gambetta, D.: Can we trust trust. In: Gambetta, D. (ed.) Trust: Making and Breaking Cooperative Relatioins, pp. 213–237. Published Online (2000)
Glushko, R.J., Tenenbaum, J.M., Meltzer, B.: An xml framework for agent-based e-commerce. Commun. ACM 42(3), 106 (1999), doi:10.1145/295685.295720
Reduction of price dispersion through Semantic E-commerce. In: CEUR Workshop Proceedings, vol. 55 (2002), http://www.CEUR-WS.org
Hauser, H.E.: Smes in germany, facts and figures 2000. Institut für Mittelstandsforschung, Bonn (2000)
Huynh, T.D., Jennings, N.R., Shadbolt, N.R.: Certified reputation: how an agent can trust a stranger. In: AAMAS ’06: Proceedings of the fifth international joint conference on Autonomous agents and multiagent systems, Hakodate, Japan, pp. 1217–1224. ACM Press, New York (2006), doi:10.1145/1160633.1160854
Klein, M., Bernstein, A.: Toward high-precision service retrieval. IEEE Internet Computing 8(1), 30–36 (2004)
Owl web ontology language (2004), http://www.w3.org/TR/owl-features/
Peters, R.: Elektronische Märkte und automatisierte Verhandlungen. Wirtschaftsinformatik 42(5), 413–421 (2000)
Qin, L., Atluri, V.: Concept-level access control for the semantic web. In: XMLSEC ’03: Proceedings of the 2003 ACM workshop on XML security, Fairfax, Virginia, pp. 94–103. ACM Press, New York (2003), doi:10.1145/968559.968575
Romao, A., Da Silva, M.M.: Proxy certificates: A mechanism for delegating digital signature power to mobile agents. In: IAT99 Workshop on Agents in Electronic Commerce (1999)
Schoop, M., et al.: Enhancing decision and negotiation support in enterprise networks through semantic web technologies. In: XML Technologien für das Semantic Web - XSW 2002, Proceedings zum Workshop, pp. 161–167. GI (2002)
Schoop, M.: Semantic web technology for electronic commerce. In: Proceedings of the The Tenth Research Symposium on Emerging Electronic Markets (2003)
Schoop, M., et al.: A three-phase model of electronic marketplaces for software components in chemical engineering. In: I3E ’01: Proceedings of the IFIP Conference on Towards The E-Society, Deventer, The Netherlands, pp. 507–522. Kluwer Academic Publishers, Dordrecht (2001)
Trastour, D., Bartolini, C., Priest, C.: Semantic web support for the business-to-business e-commerce lifecycle (2002)
Xml key management specification (xkms) (2001), http://www.w3.org/TR/xkms/
Xml-signature syntax and processing (2002), http://www.w3.org/TR/xmldsig-core/
Zacharia, G.: Trust management through reputation mechanisms. In: Third International Conference on Autonomous Agents (Agents ’99), May 1999, ACM Press, New York (1999)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Ekelhart, A., Fenz, S., Tjoa, A.M., Weippl, E.R. (2007). Security Issues for the Use of Semantic Web in E-Commerce. In: Abramowicz, W. (eds) Business Information Systems. BIS 2007. Lecture Notes in Computer Science, vol 4439. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72035-5_1
Download citation
DOI: https://doi.org/10.1007/978-3-540-72035-5_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72034-8
Online ISBN: 978-3-540-72035-5
eBook Packages: Computer ScienceComputer Science (R0)