Ontology-Based Policy Translation
نویسندگان
چکیده
Quite often attacks are enabled by mis-configurations generated by human errors. Policy-based network management has been proposed to cope with this problem: goals are expressed as high-level rules that are then translated into low-level configurations for network devices. While the concept is clear, there is a lack of tools supporting this strategy. We propose an ontology-based policy translation approach that mimics the behaviour of expert administrators, without their mistakes. We use ontologies to represent the domain knowledge and then perform reasonings (based on best practice rules) to create the configurations for network-level security controls (e.g., firewall and secure channels). If some information is missing from the ontology, the administrator is guided to provide the missing data. The configurations generated by our approach are represented in a vendor-independent format and therefore can be used with several real devices.
منابع مشابه
Ontology-based Security Policy Translation
The security configuration of large networked ICT systems is a difficult and error-prone task. Quite often attacks are enabled by mis-configurations generated by human errors. Policybased network management has been proposed to cope with this problem: goals are expressed as high-level rules that are then translated into low-level configurations for network devices. While the concept is clear, t...
متن کاملImplementation of a Health Policy Advisory Committee as a Knowledge Translation Platform: The Nigeria Experience
Background In recent times, there has been a growing demand internationally for health policies to be based on reliable research evidence. Consequently, there is a need to strengthen institutions and mechanisms that can promote interactions among researchers, policy-makers and other stakeholders who can influence the uptake of research findings. The Health Policy Advisory Committee (HPAC) is on...
متن کاملDAML Reality Check: A Case Study of KAoS Domain and Policy Services
Description-logic-based knowledge representations and reasoning methods are being used increasingly as the basis for semantically-rich software services. Using such representations and reasoning methods in comprehensive applications is among one of the best ways to identify and understand gaps and limitations. KAoS domain and policy services, which rely extensively on a DAML-based ontology, are...
متن کاملTranslating Evidence into Healthcare Policy and Practice: Single Versus Multi-Faceted Implementation Strategies – Is There a Simple Answer to a Complex Question?
How best to achieve the translation of research evidence into routine policy and practice remains an enduring challenge in health systems across the world. The complexities associated with changing behaviour at an individual, team, organizational and system level have led many academics to conclude that tailored, multifaceted strategies provide the most effective approach to knowledge translati...
متن کاملCoordinating Heterogeneous Information Services based on Approximate Ontology Translation
This paper proposes an approximate ontology translation framework for coordinating heterogeneous information services such as regional information services. To achieve semantic interoperability in heterogeneous information services, ontologies have been widely used. Translation of multiple ontologies is necessary for a domain with cross-cultural aspects, such as regional information services. O...
متن کامل