@prefix owl: <http://www.w3.org/2002/07/owl#> .
@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix dc11: <http://purl.org/dc/elements/1.1/> .
@prefix skos: <http://www.w3.org/2004/02/skos/core#> .
@prefix dc: <http://purl.org/dc/terms/> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
@prefix ns0: <http://www.w3.org/2003/06/sw-vocab-status/ns#> .
@prefix cc: <http://creativecommons.org/ns#> .
@prefix ns1: <http://purl.org/vocab/vann/> .
@prefix foaf: <http://xmlns.com/foaf/0.1/> .
@prefix ns2: <http://securitytoolbox.appspot.com/securityMain#> .

<http://securitytoolbox.appspot.com/securityMain#>
  a owl:Ontology, <http://purl.org/vocommons/voaf#Vocabulary> ;
  rdfs:comment "A security ontology to annotate resources with security-related information" ;
  dc11:title "Security Main"@en ;
  skos:historyNote "Ontology extracted from the paper Security Ontology for Annotating Resources. [Kim et al. 2005] (See APPENDIX D. OWL Representations of the NRL Security Ontology) Security ontology to faciliate web service description and discovery."@en ;
  dc11:description "An ontology to describe various cryptographic algorithms"@en ;
  dc:source <http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA437938> ;
  dc11:creator <mailto:kim@itd.nrl.navy.mil>, <mailto:luo@itd.nrl.navy.mil>, <mailto:mkang@itd.nrl.navy.mil> ;
  dc11:contributor <mailto:gyrard@eurecom.fr> ;
  dc:issued "2005-08-31"^^xsd:date ;
  dc:modified "2015-03-27"^^xsd:date ;
  owl:versionInfo 0.2 ;
  ns0:term_status "Finished" ;
  cc:license <http://creativecommons.org/licenses/by/3.0/> ;
  ns1:preferredNamespacePrefix "algo" ;
  ns1:preferredNamespaceUri "http://securitytoolbox.appspot.com/securityMain#" .

<mailto:kim@itd.nrl.navy.mil>
  a foaf:Person ;
  foaf:name "Anya Kim" .

<mailto:luo@itd.nrl.navy.mil>
  a foaf:Person ;
  foaf:name "Jim Luo" .

<mailto:mkang@itd.nrl.navy.mil>
  a foaf:Person ;
  foaf:name "Myong Kang" .

<mailto:gyrard@eurecom.fr>
  a foaf:Person ;
  foaf:name "Amelie Gyrard" .

<http://securitytoolbox.appspot.com/securityMain#SecurityObjective>
  a owl:Class ;
  rdfs:label "Security Objective"@en .

<http://securitytoolbox.appspot.com/securityMain#SecurityConcept>
  a owl:Class ;
  rdfs:label "Security Concept"@en .

<http://securitytoolbox.appspot.com/securityMain#SecurityProtocol>
  a owl:Class ;
  rdfs:label "Security Protocol"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityConcept> .

<http://securitytoolbox.appspot.com/securityMain#SecurityMechanism>
  a owl:Class ;
  rdfs:label "Security Mechanism"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityConcept> .

<http://securitytoolbox.appspot.com/securityMain#SecurityPolicy>
  a owl:Class ;
  rdfs:label "Security Policy"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityConcept>, [
    a owl:Restriction ;
    owl:onProperty <http://securitytoolbox.appspot.com/supportsSecurityObjectives> ;
    owl:hasValue <http://securitytoolbox.appspot.com/Authorization>
  ] .

<http://securitytoolbox.appspot.com/securityMain#AuthenticationProtocol>
  a owl:Class ;
  rdfs:label "Authentication Protocol"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityProtocol>, [
    a owl:Restriction ;
    owl:onProperty <http://securitytoolbox.appspot.com/securityMain#supportsSecurityObjectives> ;
    owl:hasValue <http://securitytoolbox.appspot.com/securityMain#UserAuthentication>
  ] .

<http://securitytoolbox.appspot.com/securityMain#KeyManagementProtocol>
  a owl:Class ;
  rdfs:label "Key Management Protocol"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityProtocol>, [
    a owl:Restriction ;
    owl:onProperty <http://securitytoolbox.appspot.com/securityMain#supportsSecurityObjectives> ;
    owl:hasValue <http://securitytoolbox.appspot.com/securityMain#KeyManagement>
  ] .

<http://securitytoolbox.appspot.com/securityMain#EncryptionProtocol>
  a owl:Class ;
  rdfs:label "Encryption Protocol"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityProtocol>, [
    a owl:Restriction ;
    owl:onProperty <http://securitytoolbox.appspot.com/securityMain#supportsSecurityObjectives> ;
    owl:hasValue <http://securitytoolbox.appspot.com/securityMain#Confidentiality>
  ] .

<http://securitytoolbox.appspot.com/securityMain#SignatureProtocol>
  a owl:Class ;
  rdfs:label "Signature Protocol"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityProtocol>, [
    a owl:Restriction ;
    owl:onProperty <http://securitytoolbox.appspot.com/securityMain#supportsSecurityObjectives> ;
    owl:hasValue <http://securitytoolbox.appspot.com/securityMain#MessageAuthentication>
  ] .

<http://securitytoolbox.appspot.com/securityMain#NetworkSecurityProtocol>
  a owl:Class ;
  rdfs:label "Network Security Protocol"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityProtocol> .

<http://securitytoolbox.appspot.com/securityMain#ServiceMechanism>
  a owl:Class ;
  rdfs:label "Service Mechanism"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityMechanism> .

<http://securitytoolbox.appspot.com/securityMain#HostMechanism>
  a owl:Class ;
  rdfs:label "Host Mechanism"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityMechanism> .

<http://securitytoolbox.appspot.com/securityMain#NetworkMechanism>
  a owl:Class ;
  rdfs:label "Network Mechanism"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityMechanism> .

<http://securitytoolbox.appspot.com/securityMain#ApplicationMechanism>
  a owl:Class ;
  rdfs:label "Application Mechanism"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityMechanism> .

<http://securitytoolbox.appspot.com/securityMain#CommercialPolicy>
  a owl:Class ;
  rdfs:label "Commercial Policy"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityPolicy> .

<http://securitytoolbox.appspot.com/securityMain#MilitaryPolicy>
  a owl:Class ;
  rdfs:label "Military Policy"@en ;
  rdfs:subClassOf <http://securitytoolbox.appspot.com/securityMain#SecurityPolicy> .

<http://securitytoolbox.appspot.com/securityMain#supportsSecurityObjectives>
  a owl:ObjectProperty ;
  rdfs:label "supports Security Objectives"@en ;
  rdfs:domain <http://securitytoolbox.appspot.com/securityMain#SecurityConcept> ;
  rdfs:range <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
Any SecurityConcept can support one or more of the Security Objectives defined
in the SecurityObjective class
""" .

<http://securitytoolbox.appspot.com/securityMain#hasAlgorithm>
  a owl:ObjectProperty ;
  rdfs:label "hasAlgorithm"@en ;
  rdfs:domain <http://securitytoolbox.appspot.com/securityMain#SecurityProtocol> ;
  rdfs:range <http://securitytoolbox.appspot.com/securityAlgorithms#Algorithm> .

<http://securitytoolbox.appspot.com/securityMain#hasAssurance>
  a owl:ObjectProperty ;
  rdfs:label "hasAssurance"@en ;
  rdfs:domain [
    a owl:Class ;
    owl:unionOf (
     <http://securitytoolbox.appspot.com/securityMain#SecurityProtocol>
     <http://securitytoolbox.appspot.com/securityMain#SecurityMechanism>
   )
  ] ;
  rdfs:range <http://www.kim.com/NRLOntologyFiles/securityAssurance.owl#Assurance> .

<http://securitytoolbox.appspot.com/securityMain#reqCredential>
  a owl:ObjectProperty ;
  rdfs:label "reqCredential"@en ;
  rdfs:domain <http://securitytoolbox.appspot.com/securityMain#SecurityProtocol> ;
  rdfs:range <http://www.kim.com/NRLOntologyFiles/credentials.owl#Credential> .

<http://securitytoolbox.appspot.com/securityMain#hasSignatureAlgorithm>
  a owl:ObjectProperty ;
  rdfs:label "hasSignatureAlgorithm"@en ;
  rdfs:subPropertyOf <http://securitytoolbox.appspot.com/securityMain#hasAlgorithm> ;
  rdfs:range <http://securitytoolbox.appspot.com/securityAlgorithms#SignatureAlgorithm> .

<http://securitytoolbox.appspot.com/securityMain#hasEncryptionAlgorithm>
  a owl:ObjectProperty ;
  rdfs:label "hasEncryptionAlgorithm"@en ;
  rdfs:subPropertyOf <http://securitytoolbox.appspot.com/securityMain#hasAlgorithm> ;
  rdfs:range <http://securitytoolbox.appspot.com/securityAlgorithms#EncryptionAlgorithm> .

<http://securitytoolbox.appspot.com/securityMain#Confidentiality>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
Protects against information being disclosed or revealed to unauthorized
parties.
""" .

<http://securitytoolbox.appspot.com/securityMain#Availability>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
Provides guarantee that resource is available to authorized users at any
authorized time.
""" .

<http://securitytoolbox.appspot.com/securityMain#UserAuthentication>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
Provides assurance of the identity of a person or entity.
""" .

<http://securitytoolbox.appspot.com/securityMain#MessageAuthentication>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
Provides guarantee that message came from whoever claimed to have sent it.
""" .

<http://securitytoolbox.appspot.com/securityMain#Authorization>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
Only authorized entities are allowed to access resources in an authorized
manner.
(Aka Access Control). If desired, user may create instance of AccessControl as
well.
""" .

<http://securitytoolbox.appspot.com/securityMain#MessageIntegrity>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
Data integrity or Message integrity; data cannot be changed, deleted,
modified, etc by unauthorized parties.
""" .

<http://securitytoolbox.appspot.com/securityMain#KeyManagement>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
(SecondaryObjective) Securely manages keys for legitimate users.
""" .

<http://securitytoolbox.appspot.com/securityMain#ReplayPrevention>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
(Secondary Objective) Protect against replay attacks
""" .

<http://securitytoolbox.appspot.com/securityMain#Trust>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
(Secondary Objective) How to trust entity. Trust not only of identification,
but statements, claims, etc.
""" .

<http://securitytoolbox.appspot.com/securityMain#HostTrust>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
(Secondary Objective) How to trust host or platform. Is relevant to Common
criteria, etc.
""" .

<http://securitytoolbox.appspot.com/securityMain#CovertChannelPrevention>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
(Secondary Objective) Prevent or limit the existance of covert channels
""" .

<http://securitytoolbox.appspot.com/securityMain#Separation>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
(Secondary Objective)
""" .

<http://securitytoolbox.appspot.com/securityMain#TrafficHiding>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
(Secondary Objective) Pad traffic with bogus data to hide traffic patterns
""" .

<http://securitytoolbox.appspot.com/securityMain#Anonymity>
  a <http://securitytoolbox.appspot.com/securityMain#SecurityObjective> ;
  rdfs:comment """
(Secondary Objective) Provides anonymity
""" .

<http://securitytoolbox.appspot.com/securityMain#Kerberos> a <http://securitytoolbox.appspot.com/securityMain#AuthenticationProtocol> .
<http://securitytoolbox.appspot.com/securityMain#SAML> a <http://securitytoolbox.appspot.com/securityMain#AuthenticationProtocol> .
<http://securitytoolbox.appspot.com/securityMain#LoginProtocol> a <http://securitytoolbox.appspot.com/securityMain#AuthenticationProtocol> .
<http://securitytoolbox.appspot.com/securityMain#XML-dsig> a <http://securitytoolbox.appspot.com/securityMain#SignatureProtocol> .
<http://securitytoolbox.appspot.com/securityMain#XML-enc> a <http://securitytoolbox.appspot.com/securityMain#EncryptionProtocol> .
<http://securitytoolbox.appspot.com/securityMain#XKMS> a <http://securitytoolbox.appspot.com/securityMain#KeyManagementProtocol> .
<http://securitytoolbox.appspot.com/securityMain#SSH>
  a <http://securitytoolbox.appspot.com/securityMain#NetworkSecurityProtocol> ;
  ns2:supportsSecurityObjectives ns2:Integrity, ns2:Confidentiality, ns2:UserAuthentication, ns2:MessageAuthentication .

ns2:IPSec
  a ns2:NetworkSecurityProtocol ;
  ns2:supportsSecurityObjectives ns2:MessageAuthentication, ns2:Integrity, ns2:Confidentiality .

ns2:SSL
  a ns2:NetworkSecurityProtocol ;
  owl:sameAs ns2:TLS ;
  ns2:supportsSecurityObjectives ns2:Confidentiality, ns2:UserAuthentication .

ns2:TLS
  a ns2:NetworkSecurityProtocol ;
  owl:sameAs ns2:SSL ;
  ns2:supportsSecurityObjectives ns2:UserAuthentication, ns2:Confidentiality .

ns2:SoapFirewall
  a ns2:ServiceMechanism ;
  ns2:supportsSecurityObjectives ns2:Authorization .

ns2:Safehost
  a ns2:HostMechanism ;
  ns2:supportsSecurityObjectives ns2:HostTrust .

ns2:VMM
  a ns2:HostMechanism ;
  ns2:supportsSecurityObjectives ns2:HostTrust .

ns2:VPN
  a ns2:NetworkMechanism ;
  ns2:supportsSecurityObjectives ns2:Confidentiality, ns2:Separation .

ns2:MLSPump
  a ns2:NetworkMechanism ;
  ns2:supportsSecurityObjectives ns2:CovertChannelPrevention .

ns2:OnionRouter
  a ns2:NetworkMechanism ;
  ns2:supportsSecurityObjectives ns2:Anonymity, ns2:Confidentiality .

ns2:RBAC
  a ns2:SecurityPolicy ;
  rdfs:comment """
Role-based Access Control
""" .

ns2:ClarkWilson a ns2:CommercialPolicy .
ns2:ChineseWall a ns2:CommercialPolicy .
ns2:BLP
  a ns2:MilitaryPolicy ;
  rdfs:comment """
Bell La-Padula
""" .