RDF/A Use Cases continued....





Given that XHTML 2.0 is about to go to final call and that it appears that
the XHTML Working Group are unlikely to have trawled our mailing list
recently, I think that we should be somewhat morally obliged to communicate
a set of potential warnings along with our blessing to include any variant
of RDF directly onto the ’clickable’ web. Hence, rather reluctantly, I feel
that I must climb back onto my soapbox, and apologise for my ramblings up
front…

I’m would never pretend that content of this mail is even partially
correct, or that others do not fully understand the potential misuse of
RDF/A already, but I think that it is important that we at least:-

-     Debate the potential for the misuse/abuse of Semantic Web
technologies when unleashed directly onto the ‘clickable’ Web. Hence I
would like to formally request ‘RDF/A Use Cases’ as an agenda item on our
next telecom on 2nd December.
-     Forward the findings of that debate, or a sanitised version of this
document, directly to the XHTML Working Group.

Before I go any further I must reiterate that I am strongly in favour of
the inclusion of RDF/A in any XHTML standard and merely consider that
playing the Devil’s advocate is always a strong tool to drive out counter
argument, no matter how weak.

For many years I have relied heavily on a simple equation in my work as a
Technical Architect:

INFORMATION (often a priceless resource) = DATA + STRUCTURE + CONTEXT

Every time I start to architect a technical solution with a new group of
people, I am constantly amazed by the fact that we, as a profession, are
unbelievably poor at remembering the importance of the last element in this
equation. Nearly everyone I encounter in my professional life can grasp
some understanding of ‘pure’ data, and a substantial number make a very
comfortable living – thank you very much - from chanting nothing but the
‘Structure’ mantra, yet very few understand the real importance of
‘Context’ in Systems Engineering. This, I have come to believe, is because
most solutions are built to function within either closed problem spaces or
restricted communities. In such circumstances those building the systems
often come from within and carry with them implicit knowledge and
experience of the context in which their solutions will be used. But the
wider Web is not like. It is a vast and open problem space by definition
and is open to multiple uses and interpretations from numerous communities
with radically different profiles, needs and expectations.

Recent discussions on our mailing list, concerning self-organisation and
the Semantic Web (i.e. Sony’s recently patented technologies), have also
reminded me that the W3C’s endeavours to establish a rich semantic
framework for the Web have specifically centred on descriptive approaches.
As such, for descriptive frameworks, if all the elements in the above
equation are not present with sufficient strength, it quickly breaks down
and is overpowered by self-interpreted, prescriptive approaches, typically
boiling down to nothing more than human intelligence, intuition and
instinct: obviously the antithesis of the original machine-understandable
aspiration for the Semantic Web.

For these reasons I believe that if constructs are not included to
explicitly specify context, when substantial semantic metadata
technologies, like RDF/A, move down onto the ‘clickable’ Web they will be
prone to misuse through: -

o     Misunderstanding by genuine inexperienced enthusiasts. It is easy to
say, but ‘a little knowledge is a dangerous thing’ and the cumulative
effect of large amounts of inaccurate and incomplete metadata on the Web
may well have significant and unexpected repercussions
o     Deliberate misuse by experts with malicious and/or unlawful
intentions.

Hence I have included the following use cases to illustrate potential
misuses of RDF/A:-

1.    To Establish False Trust and Authority – Given that XHTML fragments
can be used as RDF/A objects, they could be seen to include the potential
dangerous elements, like a Java applets, scripts etc, aimed at deliberately
distributing malicious code in the form of viruses, spammers, spyware etc.
Given that associated RDF/A could be used to deliberately disseminate false
information about such objects and their associated payloads, there are
obvious issues around both establishing trust in and the authority behind
metadata in open problems spaces such as the ‘clickable Web’.
2.    To Encourage Misdirection and Distraction – One obvious use of RDF/A
is to augment hyperlinks and act as a form of formal signposting mechanism.
Again, if false information is provided that cannot be trusted, this could
be used to misdirect users to unwanted and potentially dangerous URL’s.
Furthermore, in the case of automated agents, I see a potential here to
distract attention while sniffer routines probe for potential security
weaknesses.
3.    The Concealment of Hidden Codes, Messages and Cyphers  - I appreciate
that there are already a number of mechanisms available to hide information
on the Web, but RDF/A surely offers a fresh opportunity. Given the current
climate of global terrorism, I think it would be unwise not to highlight
this fact from a Best Practices standpoint.
4.    Chaotic Meta-behaviour – It is highly likely that the Semantic Web
will play a significant part in the establishment of dynamic
self-organising ‘meta-systems’ in the future, with disparate ontologies
being joined by higher levels of abstracted technology. Without proper
controls in place to dictate appropriate context there is obvious risk
involved.

Your comments would be greatly valued.

Kind regards

Phil Tetlow
Senior Consultant
IBM Business Consulting Services
Mobile. (+44) 7740 923328

Received on Friday, 19 November 2004 13:05:52 UTC