A Distributed Secure Ontology for Certified Services Oriented Applications

Currently, SOAs are the major trend for large -- scale infrastructures and applications that are built from loosely -- coupled well -- separated services and that are subject to dynamic configuration, operation and evolution. Concretely, in open SOAs, trust becomes an essential element and certification of security properties offered by the services will be crucial. In SOAs systems, service consumers and providers need to exchange data in a flexible and consistent way, take into account cultural and language issues and consider data vulnerability and trust relationships. Ontologies have been largely used to support interoperability and recently, their use has been extended to address security. When ontologies are used in open systems, it is essential to provide adequate means to protect them, guaranteeing its authenticity, identifying the providers of the elements in the ontology. Taking into account the limitations of the current security mechanisms for ontologies of SOAs and in order to support the certification process addressed by ASSERT4SOA project (founded by FP7 of the European Union), we present in this paper a framework to define secure, distributed ontologies (SDOs) supporting system integration (data, information, and knowledge interoperability) in certified service environment.