Abstract: Web-based application security requires that both the supporting technologies and the applications are secure. Until recently, Web data security research focused mainly on developing security models for semi-structured data, like XML. These efforts addressed XML syntax, ignoring data and application specific semantics conveyed by the XML documents. While the existing models are suitable for custom tailored applications, like data exchange between participants, the lack of semantics make them insufficient to provide high assurance security for future Web-based applications.

This talk gives an overview of current efforts to provide data and application security in the context of the WWW and identifies unexplored research areas. Two main research directions to extend the XML model with semantics are discussed. The first approach extends the XML model with traditional database concepts, like keys and database constraints. The second approach aims to associate XML documents with semantic languages supporting Web-based applications. The security needs of Web metadata, like RDF, RDFS, and OWL, and the risk of inference and data aggregation problems supported by these languages are also studied.

Biography: Csilla Farkas is an Assistant Professor in the Department of Computer Science and Engineering and Director of the Center for Information Assurance Engineering at the University of South Carolina. Farkas’ research interests include information security, data inference problem, economic and legal analysis of cyber crime, and security and privacy on the Semantic Web. She is a recipient of the National Science Foundation Career award. The topic of her award is “Semantic Web: Interoperation vs. Security – A New Paradigm of Confidentiality Threats.” She actively participates in international scientific communities as program committee member and reviewer.

More information may be found at: http://www.cse.sc.edu/~farkas