Semantic Cyber Information Modeling Initiative (SCIMI)

WWW.CYBERONTOLOGY.ORG / WWW.PRIVACYONTOLOGY.ORG

Welcome to the Semantic Cyber Information Modeling Initiative (SCIMI), a community effort to crowdsource open source semantic information models (incl. ontologies and Domain Specific Languages) that facilitates a sharing, integrating, and processing of information about security, privacy, compliance, and other utility concepts.

For now, the initiative is initially founded by ObjectSecurity, a leader in semantic modeling of cyber security. We hope to make this a broader community initiative. Please contact us to join. We provide a community mailing list and online tools to collectively edit the ontology. We are not restricted to OWL, or even traditional ontologies, but will pick the most suitable standards and tools for each purpose.

All contributions will be attributed to their authors.

Please write a blurb below here:

Dr. Ulrich Lang, ObjectSecurity

About Me (up to 15 lines)

Dr. Ulrich Lang (CEO, co-founder) received his Ph.D. from the University of Cambridge Computer Laboratory (Security Group) on conceptual aspects of middleware security in 2003 (sponsored by the UK Defence and Evaluation Research Agency (DERA), after having completed a Master's Degree (M. Sc.) in Information Security with distinction from Royal Holloway College (University of London) in 1997. On the management side, he has recently completed a Business Marketing Strategy course at the Kellogg School of Management (Northwestern University). Prior to his M. Sc. he studied computer science & management at the University of Munich and at Royal Holloway College (University of London). Ulrich is a renowned thought leader in model-driven security, access control policy, and Cloud/SOA/middleware security. He is on the Board of Directors of the Cloud Security Alliance (Silicon Valley Chapter). Ulrich is a technical expert witness. He is also responsible for the business and technical strategy, architecture and direction of ObjectSecurity and the OpenPMF product. In addition, Ulrich leads the consultancy business within ObjectSecurity (esp. for IoT/SOA/Cloud security, privacy, model-driven security, security ontologies). Ulrich also runs ObjectSecurity's Silicon Valley office. He has also previously worked as a proposal evaluator, project evaluator (e.g. EU Framework Programmes), conference program committee, panel moderator, consultant, book author.

About my Organization (up to 5 lines)

ObjectSecurity is an information security specialist company with a highly innovative technology portfolio and a strong consulting, R&D, services track record. ObjectSecurity was founded in 2000 by leading information security experts and has offices in San Diego & San Francisco, CA, USA, and in Cambridge, UK.

Why I am interested in semantic cyber information modeling, and what I can contribute

We spent over 10 years developing "model-driven security", which - in our OpenPMF implementation - turns human-manageable security policies automatically into the matching preventive technical security (esp. access) enforcement implementation and proactive detection/monitoring implementation. It also generates evidence for accreditation/compliance, remediation and forensics automatically. We use Eclipse EMF to model policies, and the example Privacy DSL at www.cyberontology.org is designed to fit in with our product. We would like to align our work with the work of others.

Contact

www.objectsecurity.com/en-contact.html

Robert Onslow, PrivacyBuilder

About Me (up to 15 lines)

Robert is a UK barrister specializing in intellectual property, information technology and data protection. Robert is also founder and programmer of 2 initiatives: XBundle - which aims to provide user friendly electronic court bundles in civil and criminal litigation, and PrivacyBuilder (see below). Robert studied physics at Oxford University, and Diploma in Law at City University, London. He has a particular interest in functional programming, and writes his commercial programs in Haskell, Python and Java, but has also evaluated OWL ontology tools, and languages with proof assistants such as Idris.

About my Organization (up to 5 lines)

PrivacyBuilder is a hosted service which allows an organisation to model personal data held within the organisation and the processings carried out using the personal data. The organisation then goes on to construct user consents to those processings. PrivacyBuilder will then generate consent widgets for the organisation to place on its websites. User consents using the widgets are flagged to PrivacyBuilder and stored. PrivacyBuilder can then be queried to allow a profile page to be displayed to the user to allow consents to viewed and withdrawn. PrivacyBuilder will then advise the organisation which data fields should be deleted in order to ensure compliance with the right to be forgotten.

Why I am interested in semantic cyber information modeling, and what I can contribute

Having joined the IPEN initiative, I have become interested in a DSL which defines allowed operations over personal data which enforces the principles of the Data Protection Regulation. Following discussions with Ulrich, I believe that semantic modelling is a useful first stage in defining the types with which the DSL will interact.

please explain your interest/competency around semantic cyber information modeling etc.

I believe that I can contribute particularly at the interface between law and the technology

Contact:

Via the mailing list

Ian Oliver

I'm a security specialist with Nokia and author of, I guess, the first book on privacy engineering ( http://www.privacyengineeringbook.net/ ).

Why I am interested in semantic cyber information modeling, and what I can contribute

I have a particular interest in ontologies and the deeper semantic and software engineering related aspects. I spent a number of years trying to develop tools and techniques for the software engineer to assist them in developing and auditing systems that were 'privacy compliant'. IN doing do I've worked with ontologies, aspects of safety-critical design, DSLs, PETs as well as the underlying implementation technologies from programming and modelling languages to concepts such as NFV and standardisation.

Contact:

Via: [http://www.privacyengineeringbook.net/]

[PLEASE COPY THE FOLLOWIG TEMPLATE, AND LEAVE IT FOR THE NEXT USER - THANKS]

your name

About Me (up to 15 lines)

about you

About my Organization (up to 5 lines)

about your organization

Why I am interested in semantic cyber information modeling, and what I can contribute

please explain your interest/competency around semantic cyber information modeling etc.

Contact:

please add your contact info