On 9/21/13 2:47 PM, John F Sowa wrote:
> Kingsley,
>
> I certainly agree on the semantic problems with RDBs. Those issues
> were recognized in the 1970s. And very good proposals for fixing
> the problems have been published, analyzed, and implemented in
> research systems for the nearly 40 years. The biggest obstacles
> have been the dominant vendors.
>
> JFS
>>> A lot of my personal data is stored by corporations whose security
>>> systems I depend on. At least, I'm thankful that they use RDBs,
>>> not SW formats.
> KI
>> Please!
>>
>> SQL RDBMS engines are horrible when it comes to security. Just down
>> right horrible. They use literal identifiers for their objects, they
>> are utterly challenged by semantics, and eternally vulnerable to social
>> engineering.
> I sympathize with all your complaints. But (a) RDBs have so little
> built-in semantics, that you can build any good semantics you prefer
> on top of them; (b) they support sufficient controls on transactions
> that they can be made far more secure than anything the W3C proposes. (01)
The W3C (as far as I know) has no proposal covering how you secure
databases. What they do have (that I know about) are specs for
structured data representation that includes the ability express and
embed entity oriented semantics using the RDF data model. (02)
>
> Please note that RDBs are currently used to run the major financial
> transactions for businesses and governments around the world. (03)
You know that I know that. (04)
I am sure you know that only a minority of these institutions haven't at
some time over the last 10 or so years been associated with a data breach. (05)
> They
> use the Internet for passing encrypted messages, not for transactions. (06)
Back to transactions, the issue is that we have data in repositories
that are devoid of the semantic smarts for controlling access to this
data. Thus, socially engineered attacks are the norm. (07)
These databases need firewalls around them that are based on entity
oriented semantics. The kind of semantics expressible using RDF. (08)
>
> KI
>> The solution to this problem with where the Semantic Web technology
>> stack is extremely strong.
> More precisely, the SW implemented a subset of the semantics that had
> been proposed by many different academic and commercial developers
> over the past 40 years. I'd use the term "better than SQL" for the
> SW semantics, but that isn't saying much. (09)
As you've indicated on many occassions, RDBMS technology is driving a
majority of the worlds financial systems, thus any tool that addresses
their semantically fallibility has to be better than nothing. The key is
not to "rip and replace" these products; instead, simply leverage
layering that basically delivers a logical firewall around the data. (010)
>
> KI
>> Basically, while ODBC, JDBC, ADO.NET from RDBMS vendors exist
>> (pre-installed) on systems, and users and enterprises remain ambivalent
>> of what data actually is, they are vulnerable beyond description.
> Of course! The Internet leaks like a sieve. That is why every secure
> system *must be* a silo. (At least until something better than the
> current Internet is developed.) (011)
A secure system needs a logical firewall around it. As you know, that's
the kind of thing you can only build by leveraging entity oriented
semantics. Of course, RDF isn't the end of the story, but its better
than what exists right now -- bearing in mind its proximity to other
aspects of the Web technology stack. (012)
Kingsley
>
> John
>
> _________________________________________________________________
> Message Archives: http://ontolog.cim3.net/forum/ontolog-forum/
> Config Subscr: http://ontolog.cim3.net/mailman/listinfo/ontolog-forum/
> Unsubscribe: mailto:ontolog-forum-leave@xxxxxxxxxxxxxxxx
> Shared Files: http://ontolog.cim3.net/file/
> Community Wiki: http://ontolog.cim3.net/wiki/
> To join: http://ontolog.cim3.net/cgi-bin/wiki.pl?WikiHomePage#nid1J
>
>
> (013)
-- (014)
Regards, (015)
Kingsley Idehen
Founder & CEO
OpenLink Software
Company Web: http://www.openlinksw.com
Personal Weblog: http://www.openlinksw.com/blog/~kidehen
Twitter/Identi.ca handle: @kidehen
Google+ Profile: https://plus.google.com/112399767740508618350/about
LinkedIn Profile: http://www.linkedin.com/in/kidehen (016)
smime.p7s
Description: S/MIME Cryptographic Signature
_________________________________________________________________
Message Archives: http://ontolog.cim3.net/forum/ontolog-forum/
Config Subscr: http://ontolog.cim3.net/mailman/listinfo/ontolog-forum/
Unsubscribe: mailto:ontolog-forum-leave@xxxxxxxxxxxxxxxx
Shared Files: http://ontolog.cim3.net/file/
Community Wiki: http://ontolog.cim3.net/wiki/
To join: http://ontolog.cim3.net/cgi-bin/wiki.pl?WikiHomePage#nid1J (01)
|