ontolog-forum
[Top] [All Lists]

Re: [ontolog-forum] Danger of URIs in mission-critical applications

To: "[ontolog-forum]" <ontolog-forum@xxxxxxxxxxxxxxxx>
From: Ken Laskey <klaskey@xxxxxxxxx>
Date: Thu, 9 Jul 2009 10:38:50 -0400
Message-id: <A5AAE3CA-079A-43F7-AB74-83D826FC5880@xxxxxxxxx>
The URI is an identifier that "can" be dereferenced but may be  
sufficient in its uniqueness that actual access to the defining  
resource is very infrequent.  I need to know we are both referring to  
the same "gram" but I don't need to retrieve the definition to know  
what it is.    (01)

On Jul 9, 2009, at 10:30 AM, John F. Sowa wrote:    (02)

> Redirecting this thread from ontology-summit to ontolog forum.
> ______________________________________________________________
>
> Martin and David,
>
> All modern technology is based on universal identifiers such
> as 'gram' and 'volt', which are unique within the domain of
> measurement.  For such purposes, the methods of resolving the
> identifiers are far more secure than any method based on URIs.
> A URI for the term 'gram', for example, would be a single point
> of failure that could be attacked by any novice-level hacker.
>
> I agree with both of those points:
>
> MH> Using [old fashioned paper methods] provide more legal/
>> administrative control that can be used to maintain the meaning
>> associated with the symbol. In particular, there is a lot of
>> "old economy" legal power to enforce compliance etc.
>>
>> URIs, in contrast, have the advantage that they drastically reduce
>> the cost for the community to look up the intended meaning of the
>> symbol (i.e. the URI), which reduces the familiarization costs and
>> may support convergence in the usage of the symbol in communication.
>
> That "old economy" had a lot of faults, but just note the recent
> economic disaster caused by people who used computers to avoid the
> controls of the "old economy".
>
> MH> So, IMO, URIs are the best technique that mankind has had so far
>> for establishing and maintaining / renewing consensus about the
>> meaning of those identifiers.
>
> If you replace "best" with "an interesting new", I'll accept that
> statement.  But so far, the people who are reaching that consensus
> have been innocent academics or worse the experienced kind of
> people who rejected the controls of the "old economy".
>
> DL> In the future ISO may assign identifiers to things rather than
>> documents.  These identifiers may be URIs, and ISO may provide
>> a Web service so that dereferencing a URI for a thing redirects
>> to a document that defines the thing.
>
> Yes, I'm aware of that danger.  But for any kind of mission-critical
> application, it's essential to guarantee that those dereferencing
> methods are secure.  Since secure methods are likely to have a
> higher level of overhead, it's important to dereference a single
> secure URI for an entire ontology, which includes the unique names
> such such as 'gram', 'kilogram', etc.
>
> Granularity down to the level of individual names is too dangerous
> and inefficient for each and every identifier used in an ontology.
>
> Note the following article (one of many):
>
>    SEOUL, South Korea  A wave of cyberattacks aimed at 27 American
>    and South Korean government agencies and commercial Web sites
>    temporarily jammed more than a third of them over the past five
>    days, and several sites in South Korea came under renewed attack
>    on Thursday.
>
> Source:
>   http://www.nytimes.com/2009/07/09/technology/09cyber.html?ref=technology
>
> If the current methods for using URIs ever became widely adopted in
> mission-critical applications, Kim Jong-il would be able to accomplish
> his grandest dream:
>
>    Reduce the entire world economy to the level of North Korea.
>
> For critical identifiers, such as the terms of an ontology, it is
> essential to perform a single dereferencing operation for an entire
> lexicon.  Within the ontology we can continue to use humanly readable
> identifiers, such as 'gram', 'volt', 'ampere', etc.  Those terms are
> secure because there is no single point of failure, such as a URI.
>
> John Sowa
>
>
> _________________________________________________________________
> Message Archives: http://ontolog.cim3.net/forum/ontolog-forum/
> Config Subscr: http://ontolog.cim3.net/mailman/listinfo/ontolog-forum/
> Unsubscribe: mailto:ontolog-forum-leave@xxxxxxxxxxxxxxxx
> Shared Files: http://ontolog.cim3.net/file/
> Community Wiki: http://ontolog.cim3.net/wiki/
> To join: http://ontolog.cim3.net/cgi-bin/wiki.pl?WikiHomePage#nid1J
> To Post: mailto:ontolog-forum@xxxxxxxxxxxxxxxx
>    (03)

-----------------------------------------------------------------------------
Ken Laskey
MITRE Corporation, M/S H305      phone: 703-983-7934
7515 Colshire Drive                         fax:       703-983-1379
McLean VA 22102-7508    (04)






_________________________________________________________________
Message Archives: http://ontolog.cim3.net/forum/ontolog-forum/  
Config Subscr: http://ontolog.cim3.net/mailman/listinfo/ontolog-forum/  
Unsubscribe: mailto:ontolog-forum-leave@xxxxxxxxxxxxxxxx
Shared Files: http://ontolog.cim3.net/file/
Community Wiki: http://ontolog.cim3.net/wiki/ 
To join: http://ontolog.cim3.net/cgi-bin/wiki.pl?WikiHomePage#nid1J
To Post: mailto:ontolog-forum@xxxxxxxxxxxxxxxx    (05)

<Prev in Thread] Current Thread [Next in Thread>