Security enforcement using PKI in semantic web

Abstract

The communication technology is developing in internet to use WWW through wired and wireless networks. The electronic authentication system based on PKI (public key infrastructure) was developed in order to guarantee the stability of client-server type of applications. The efficiency decreases when some of user node becomes mobile terminal, making this capacity, and speeds of internet communication have gone to degrade. In this paper, we propose the PKI security system to authenticate Semantic Web service providers as well as Web service consumers. We consider a secure PKI infrastructure that has four main components, they are Certification Authority, Registration authority, certificate revocation list and certificate validation authority. Each component has specified functionalities to use XML based message to multi purpose communication. Mobile nature of user's authentication requires a distributed PKI server to authenticate requesting application on internet. Mobility attains different security issues in wireless PKI communication for remote users. We can not assume secure communication of user on internet in open environment till all basic components of PKI system is not in safe condition. CRL (certificate revocation list), and OCSP (online certificate status protocol) are common method to check status of a certificate online. Digital certificate validation resolves problem of security by making real-time verification possible. We have addressed here it for dependability aspects for the semantic web as well as data quality, integrity real-time processing and security for the semantic web. We need to ensure that our work on semantic web is a subject to unauthorized / intrusions and malicious web applications during key exchange. ©2010 IEEE.