2016 International Conference on Global Trends in Signal Processing, Information Computing and Communication
Study and Design of Ontology for Cloud Based
Web Services Attacks: A Survey
S.M.Chavan
Assistant Professor
Dept of IT
Government Engineering College
Aurangabad
rathod.sb@gmail.com
Abstract Among the various applications of high
performance computing, security of cloud computing is very
essential and greater awareness in India. Security issues in
cloud are very challenging, as the data are roaming without any
control. The need to keep the security as well as privacy of the
information in the cloud becomes a critical issue. On the basis of
cloud architectures we can specify the security rules for the web
application attacks. In this paper we go through study, design
and purpose of ontology containing encryption algorithms. Here
ontology describes the security rule specification. Encryption
algorithm describes comparision of performance among different
algorithms. The main focus of this kind of work is to present a
study of cloud security policy using some encryption algorithm
based on ontology. This study will follow the ontology framework
build for security policy rules. This paper also discusses cloud
based web services attacks, design of semantic rules, and
detection of malicious traffic over internet as well as tools for
handling ontology.
Keywords Cloud computing; vulnerability; ontology; data
encryption; security management.
I. INTRODUCTION
Cloud computing have three types of cloud service models.
First one is Infrastructure as a service, second is platform as a
service and third is software as a service.High performance
computing supports for the three cloud models as public cloud,
private cloud as well as hybrid cloud. We can describe ontology
as specification of a conceptualization, reality models in
the different system combined together with their properties.
Pascal Meunier [1] in his book defined meaningfully to
represent, or broadcast knowledge about vulnerabilities, attacks,
because of that we require ontology. Paper [2] Abdul Razzaq et
al. (2014) proposed security ontology which provides different
taxonomies for malacious contents includes threats,
vulnerabilities as well as types of attacks. Paper states ontology
is a precise design which captures its context. There is need
of special kind of system like semantic system which
describes a complete overview and can recognize the depth of
application with its data for attacks. Validation based on
overview that is
978-1-5090-0467-6/16/$31.00 2016 IEEE
Dr.S.C.Tamane
Associate Professor
Dept of IT
MGMs Jawaharlal Nehru Engineering
College Aurangabad
Sharvaree73@yahoo.com
Semantic information which focuses on special kind of data,
nature of commands which are dangerous. Thus system will
detect complicated attacks much more efficient way by
analyzing the user requests for finding attacks possibility.
Proposed system in paper [2] highlights semantic analysis of the
HTTP traffic about network flow but can be extended for other
application protocols such as SMTP, HTTPS, FTP and others.
Many times ontological representations can be easily shared,
refined, reused between entities in a domain. We can develope
model of ontology with description logic that is conceptual
knowledge which was defined by the web ontology language.
The Horn Logic declarations are inference rules given in the
paper are implemented using the Jena Apache API. By using
Jena Apache API system is platform and technology
independent. Paper [3] author Chang Choi, Junho Choi and
Pankoo Kim focuses on access control model based on ontology
called as Onto-ACM which describes dynamic access control.
In Onto-ACM semantic analysis model given that address
differences in the specified limit between different service
providers with users. Gurupreetsingh et.al (2013) has done the
comparison of all available encryption algorithms like RSA,
DES, 3DES, AES for information security purposes. The
generation, updation and transfer of keys have been done by
the described algorithms. The paper[4] Gurupreetsingh and
Supriya find different terms about speed and that gives
advantage of using cloud computing resources for
implementing security algorithms which are used in
businesses to secure large number of data. They used different
kinds of algorithms like an asymmetric algorithm RSA, a
hashing algorithm MD5 and an asymmetric algorithm AES
.Vijay Varadharajan and Udaya Tupakula [11] described
techniques based on range of attacks and malicious content
against specific services like DNS, database and web servers
within a same domain. Attack range between the virtual
machines in different domains, in this paper near about twenty
papers survey is done. Discussions are made according to the
survey.A further section compares actual work, methodologies
and comparative work among the different papers.
24
 II. RELATED WORK
Abdul Razzaq et al.[2] discusses intrusion detection system
based on anomaly which will find out the behavior of the
incoming stream that is request against specified profile and
organize all content as malicious. He used different kinds of
intrusion detection systems like signature based was
previously recognized vulnerabilities or attacks and applies
algorithms as raw pattern matching to detect threats from
security. Such type of mechanisms for detection is applied at
the level called network level, by analyzing network traffic
and at application level, by monitoring server logs. Various
attacks Signatures are often effectiveless while preventing
attacks like zero day. A statistical IDS technique for anomaly
detection uses taxonomy for the detection of various types
attacks based on web application using statistical methods.
Role-based access control model in reference paper [3] is
versatile and confirms closely to the organizational model used
in various fields. Classification by Role meets such type of
requirement by separating roles by users. Rights by access
given to roles are different depending on users. Context-aware
access control based on roles model is an extension of
traditional access control based on roles model that permits
security related administrators which define policies like
context oriented access control enriched with purposes. Access
control by role is to take care of access which is i l le g a l f o r
various kinds of systems in all computing types. Gurupreetsingh
et.al (2013) describe to find terms about ration of speed
which is benefiecial for the use of resources by cloud for
implementing security algorithms described in the paper.
Different kinds of algorithms are used first one is RSA an
asymmetric encryption algorithm, next is MD5 a hashing
algorithm and AES symmetric encryption algorithm. The
comparison with nine factors of all above mentioned
algorithms DES, 3DES and AES by cipher type, key length,
security, block size, different keys by addition of ASCII keys,
character keys and computing Time to check all keys per
second. Study of paper [4] shows that AES is better than DES
and 3DES. It has been seen that the system strength depends
on the m a n a g e m e n t of key, type of cryptography p u b l i c or
private keys, how many number of keys, calculate bits number
within a key. Larger length of the key, more secure
transmission. Jinho Seol et.al (2016) described keys are
formulated upon how the mathematical equations or formulas
are used for the flow of data. Computation time depends upon
the number of keys used as per the time for the encryption of
available data. Threats of security by cloud administrators are
critical and feasible. Service providers of cloud are mainly
described with threats of security from external attacks instead
of internal attacks. This focus obstructs the importance of cloud
computing. Proposed system was presented a cloud system
architecture which consists of small applications through virtual
machine to stop cloud administrators of guest VMs from
affecting the security [6]. Vijay Varadharajan et.al (2016) have
developed an integrated security architecture which integrates
access control security, intrusion detection techniques
trusted computing technologies for securing distributed virtual
machine based systems. Vijay varadharajam
and Udaya Tupakaula [7] implemented how integrated model
is able to detect a range of attacks. Proposed system described
the integrated architecture implementation. System showed in
detail how architecture can be used to counteract a range of
attack scenarios such as privilege escalation attacks and using
the compromised machines to generate further attacks,
exploiting vulnerabilities in security tools with attacks on tenant
online services. Dimitris Zissis et.al (2012) given introduction
of third party which is trusted, scheduled with specific security
characteristics within a cloud infrastructure or cloud domain.
The given solution identifies SSO or LDAP, operating
cryptography for public key infrastructure in connection to
ensure the confidentiality, authentication, integrity of involved
communications and data.The solution, presents a level of
service called horizontal, which is available for all implicated
entities, which realizes a network of securityfrom which
essential trustful environment is maintained. Authors identified
cloud environments generic design principles for which base is
the requirement to control applicable threats and
vulnerabilities. To work like systems design information
approaches and software engineering were adopted. Cloud
environment security requires a systemic point of view, from
which trustful security should be maintained for the mitigating
of protection to a trusted third party [8]. Research survey of
paper [9] provides all about MAC security policy usage.
III. METHODOLOGY
Vijay Varadharajanet al. (2016) describes example
scenarios like zero day attacks, signature and anomaly based
attacks, offline anomaly detection analysis discussed in paper
[11].
A. Models of ontology for web security
Protocol ontology (Ex-HTTP) provides the foundation for
developing an attack ontology model. It is important in
detecting attack like scenario attack vulnerability. Several
important security aspects are given by Ontology. It contains a
number of concepts like web application attacks,
communication protocols used by the attack encoding methods
which provide the binding to attack using ontology. Malicious
input exploits Vulnerabilities. Components of system affected
by these types of attacks .The cost of each attack and control
applied to mitigate such attacks [2].
B. Semantic web application security
System uses a defense in depth strategy by providing
detection methods at multiple layers. The first layer called as
initial of resistance uses the ontological model of the
communication protocol. This model provides protection for the
protocol specification and related attacks. The second layer
normalizes the requests from the user by decoding them in a
standardized format which helps to mitigate encoding based on
and attacks. The next layer will use an ontological model of well
known attacks against a negative security model and the last
layer gives the knowledge of application profiles through a
positivesecuritymodel.[2].
25
 C. Frameworks
The paper [3] uses frameworks like context analysis engine,
access control module, inference engine, ontology handler,
policy checker, abstraction description in cloud computing
environments. R. Sivakumar et al. (2011) proposed Protg
tool is popular for the ontology revelation called protg tool
applied for further improvement in various regulations for better
understanding of domain knowledge. The purpose of this
work is to present a study on application of different methods.
These techniques are used for the improvement of different
kinds of protg revelation tools and classify their quality and
aspects. In the area of ontology visualization it is supportive
method selection and encourages future research [20].
D. Semantic web application security
Harshal A. Karande et al. paper [12] proposes syntax based
validation provides the size where validation is semantic based
will focus on format, specific data, and understand potentially
dangerous commands. Proposed system is able to address all
these facts through usally updating of knowledge base. Also
proposed systems mitigate the different types of attacks like
web application successfully and easily able of overcome the
existing strategy of original management of treats and attacks
by hackers. Protocol ontology in this system we have focused
on the HTTP protocol because it is establishment of data
communication for World Wide Web. Logic based context
reasoning can be employed based on functionality. Rule based
reasoning specify semantic rules which can be defined that
will manipulate the ontology logic. Standard rule languages
are used for defining rules or can be written in a variant of a
language supported by a specific reasoner.
E. Algorithms
Gurupreetsingh et.al (2013) describes the key updation,
generation, and transportation which are done by the
encryption algorithm. These types of algorithms are called as
cryptographic algorithm. Many security algorithms existing in
the market to encrypt means to hide the data. The power of
encryption algorithm basically depends on computer system
which can be used for the key generation. Key generation
procedure, encryption and decryption for each and every
algorithm are described.
III.COMPARATIVE ANALYSIS
In reference paper [2] proposed method is of detecting and
classifying web application attacks. Solution is an ontology
based method. It specifies attacks based on semantic rules web
application, the situation of significance and the requirements of
application protocols. The model of ontology was generated
using logic description that is the Web Ontology Language.
Horn logic statements with inference rules which can be
implemented using the API of apache JENA structure. Problem
solved like performance of system and detection capability is
significantly good than old solutions.Work effectively detects
attacks based on web application at the same time as generating
few false positives. Disadvantages of the system are generic
rule generation mechanism with
26
interoperability rules could be interchanged between this system
and other security applications which are not possible.
Reference paper [3] proposes onto ACM called Ontology- based
access control model, analysis model called semantic which
address in difference with given access control of users and
service providers. System provides intelligent context aware
access model for positively applying the access level of
resource based on semantic analysis method ontology
reasoning. Semantic analysis model classify differences in the
given limit between users and service providers. communication
interface access control module ,cloud service
providers.,Providers context analysis engine, tools like
ontology handler provides locality of all resources that can be
viewed based on their context information and role ex.
transaction list for access demand, approval of rules with
OWL for analyzing context information and gathering
Problem solved in this system are better for protecting and
insider intrusions prevention like role based and context
based,which provides dynamic access control. Advantages of
the system are convenience and efficient for policy management
by admin and users, disadvantages of the system, if ontology
handler does not recognize specific rules or policy for context
data then only data flow is there without any control. System
can be useful in organizations and data centers.Paper[4] makes
algorithm comparisons while considering all parameters
depending on memory usage computation time and output
byte. Survey is given to combine all the techniques which are
helpful for real-time applications. The system can add
combination of algorithms both ways applied as sequentially or
parallel, to buildup much more secure environment for storing
data and retrieving data. In paper [6] the proposed architecture
defends against wide attack vectors and also accomplishes a
tiny TCM target cloud model (low cost embedded processor).
System propose architecture of cloud in which critical
processes and data affecting on VMs .the guest VMs security
are isolated from specified domains and administrators of cloud.
The environment called as cryptographic for the encryption and
integrity checking should be separated from specified
domains. Used cryptographic key and integrity with hash data
of VM images should be isolated from administrators of cloud
to prevent potential threats of security. System provides secure
management, secure storage, good scalability and performance
of I/O. problems solved in the system are, the data of cloud
users from cloud administrators is isolated by using
architecture. The data of cloud users are protected with
malicious cloud administrators, compromised specified domain
or malicious specified domain. The proposed system offers
functionality of security against wide attack vectors .It shows
I/O performance, showing its feasibility on cloud.
Disadvantages of the system are service providers cloud is
mainly related with security threats from external attack types
rather than internal attack types. Vijay varadharajam and
Udaya Tupakaula [7] gives policy based access control like
through some firewalls with ID techniques and trustful
computing technologies for security of distributed applications
on virtualized system that is on distributed computing. Secure
communication of applications and VM in different distributed
servers.Tenat Virtual domain that is TVD allows security policy
based grouping like same kind of virtual machines running on
distributed machine. There is cloud cluster domain. Attacks
such as SQL injection, buffer overflow, and cross site scripting
are detected. Advantages of system, organizations TVD can be
used describing security policies and usage of domain. System
detect attacks by monitoring any violations of access control
policies that is RBACP, limitations of the system are it cannot
support for more range of attacks ,authors can extend it to more
range of attacks. Further it can extend to test on multiple
softwares instead of only one. Paper [9] described range of
Information flow control models, data protection of tenants and
providers, MAC security policy, security labels with data and
principles at Information flow control, protection in hardware
and OS. System makes provision of Information flow control
with three cloud services. Paper also discusses about Policy
specification, translation, enforcement, audit logging. System
can overcome problems with sensitive data. Disadvantages of
the system are Mac security policy is used for all users but
specifically it is for only sensitive type of information.
Reference paper [15] focused to apply the idea in other areas to
examine the automatic verification of the results. These types of
areas can use medical case studies and law documents which
uses multiple descriptors from different views. The automatic
construction of an ontology which can classify, assist, and
retrieve relevant services, without any preparation by previously
developed methods. This work gives bootstrapping process of
ontology for web services. It generates the advantage that web
services always consist of WSDL and free text descriptors. The
WSDL descriptor is seen using two methods first is term
Frequency or Inverse document frequency and second is
web context generation. Given ontology bootstrapping process
integrates the results of both methods and applies a second
method to confirm the concepts using the service free text
descriptor, thereby offering a more accurate definition of
ontologies. The bootstrapping process of ontology is based on
analyzing a web service using three different methods; each
method will represent a different point of view of the web
service. Result is the process provides a correct definition of the
ontology and give better results. Web Service annotation
ontology creation and evolution Ontology Evolution of Web
Services.
IV. DISCUSSIONS
Authors of article [10] describe study of HTTP vulnerability
attacks and private port attack as shown in table [1].
Table 1 Attack Analysis
Traditional Ontology Based IDs DR
27
HTTP RESPONSE SPLITTING 80.28
HTTP REQUEST SMUGGLING 78.69
CACHE POISONING 85.90
CROSS USER DEFACEMENT 85.20
DOS 84.44
This attack analysis can lead to XSS, web cache poisoning,
cross user defacement, browser cache poisoning and cloud
cluster poisoning. Injection types are Cross site scripting attacks
in which malicious scripts are injected. First attacker will use
XSS to send a script which is malicious to an unsuspecting user.
When data enters a web application XSS attack can occur
through an untrusted source, like web request. The data is
included as a dynamic content which is sent to a web user
without any validatation for malicious content, consider
example cookie grabber. Different targets are used In HTTP
splitting which can use different techniques to decide when the
first starting HTTP message ends and when the second starts.
Some targets consider message will be carried out by packets,
some will use message boundaries. The request will send by
using POST as a substitute of GET considers several
application servers which allow these functions. HTTP
smuggling leverages the different ways that a usually HTTP
message can be parsed and interpreted by agents like web
caches, browsers, application firewalls. Consider Example is
bypass of an application firewall. Web cache poisoning is a
new attack. The attacker simply forces the target for example
to send a request to force the target as cache server to cache the
response of second request which is fully controlled by the
attacker. Single user, single page, and temporary defacement
are the Cross defacement attacks in which the target can share
the same connection of TCP with the server among large
number of users. The attacker to deface the site for a single page
local as well as temporary requested by single user.DoS attacks
are more damaging. Paper [13] defines ontologies are at the
heart of research and numerous vulnerability evaluation
projects. A formal explicit description of ideas in a domain of
discourse, properties of every idea describing various features
and attributes of the concept, and limits on properties called
Ontology. Conceptualization of a domain of interest is called
ontology. Examples of vul- nerabilities are session riding,
hijacking, virtual machine escape, and insecure or obsolete
cryptography. One possibility that an attacker might
successfully escape from a virtualized environment lies in
virtualizations environment. Consider this vulnerability as
intrinsic to virtualization and highly relevant to (HPC) cloud
computing. Another is, web application technologies must
overcome the problem that, by design, a
Stateless protocol called as the HTTP protocol, exactly By Analysis we can overview the effectiveness of proposed
opposite is Web applications which require some kind of threats and evaluation of actual effects after they are actually
session state [14]. Vaishali Singh et al. (2014) proposes used [17].
following types of ontologies

A. Generalized Security Ontologies

This type of ontologies aim and binding all security aspects
as well as creates explicit terminology of the domain.this will
agree with various stakeholders to develop and contribute to a
general perceptive of knowledge like logical.

B. Specific Security Ontologies

This type of ontologies were proposed in diverse
computational models, which give a common terminology for
describing truths related to web services, network,
requirements of risk, security and application based security
etc. Fig.1. Vulnerability Structure

C. Network Security Ontologies

This type of ontologies are imperfection in networks and
applications are becoming gradually more important, and the
distribution of errors and attacks defined may not be stationary
[16].
D. Vulnerability ontology
Vulnerability information given from various resources such
as in table2.Important key factor is security vulnerability in
clouds. Vulnerability is a well-known feature of risk that a
given threat will develop vulnerabilities of a group of assets
and cause destruction to the association. Vulnerability
describes probability thats benefit will be unable to oppose
the agent actions of threat. It exists when force is applied by
both way by agent or Vulnerability. Its analysis also called as
assessment of vulnerability which is a process that identifies
and classifies the holes related to security as vulnerabilities in
a computer, networking, or communications infrastructure.
Table 2 Vulnerability Analysis
SOURCES VULNERABILITY USEFUL
INFORMATION
Cloud architecture SaaS classifies vulnerabilities into web
application and simple vulnerabilities. Web application
vulnerabilities contain XSS attacks or malicious file
execution. Simple vulnerability contains malicious input,
common vulnerability scoring system (CVSS) classifies the
vulnerabilities into low, medium, high as in table [2].This kind
of vulnerability structure is used to design ontology for
vulnerabilities[18].
E. Protocol ontology
System considers HTTP protocol structure for designing
protocol ontology. Message contains HTTP request and HTTP
response. GET method or by POST method HTTP request can
be applied and is by writing URL into web browser valid.URL
is extracted from the HTTP header .Request header contains
cookies, paravalue, malicious input which causes vulnerability.
HTTP response contains status line, header, content.status line
have zero or more header or empty line. Three digit integer is
Status code element describes the class of response is first
digit of the status code and not have any categorization role are
last two digits.

NATIONAL SOFTWARE VULNERABILITY

NO
INFORMATION
VULNERABILITY
DATABASE (NVD)

OWASP (OPEN WEB LIST OF TOP 10 MOST CRITICAL YES

APPLICATION ERABILITIES
SECURITY PROJECT)

CWE (COMMON WEAKNESSES IN SOURCE CODE

WEAKNESS AND OPERATIONAL SYSTEMS, NO
ENUMERATION) RELATED TO ARCHITECTURE
AND DESIGN

SEVERITY OF THE
COMMON VULNERABILITY CLASSIFY YES
VULNERABILITY INTO HIGH, MEDIUM AND LOW
SCORING
SYSTEM(CVSS) Fig. 2. Protocol Structure

28

V. FUTURE WORK
Future research will use HTTP request in virtual domain.
This work can be extended by using encryption algorithms
while data transmission. For the validation purpose system may
identify attacks semantically, identify traffic. System may use
ontology based model with cloud domain with admins and
users.
VI. CONCLUSION
As per survey of reference papers, implementation of
ontology captures context of important web application attacks,
various techniques used by the hackers, source and target of the
attack vulnerabilities.This controls the policies for mitigation
of these attacks.This ontological model of attack detection
allows to successfully capturing the input which is important in
designing and developing mechanisms against web attacks.
Ontology generation system can propose open source tools
like Protg tool. Implementation of new encryption algorithm
can be proposed to provide high level of security for cloud
traffic.System can propose resources provisioning and
optimization techniques through soft computing methods.Thus
System can able to develop ERP for any organization or
industry.
References
[1] Pascal Meunier, Technical a r t i c l e Wiley Handbook of Science and
Technology for Homeland Security Classes of Vulnerabilities and Attacks
Article ID: CS03.
[2] Abdul Razzaq, Khalid Latif, H. Farooq Ahmad, Ali Hur, Zahid
Anwar, Peter Charles, Semantic security against web
attacks A. Razzaq et al. / Information Sciences 254. 19-38,2014
[3] Chang Choi, Junho Choi, Pankoo Kim, Ontology-based access
control model for security policy reasoning in cloud
computing. Springer Business Media New York.711-
.10.1007/s11227-013-0980-1, 2013.
[4] Gurupreetsingh and Supriya,A Study of Encryption Algorithm
(RSA, DES, 3DES, AES), International Journal of Computer
Applications. (0975-8887) volume 67 No 19. 33-38, 2013.
[5] E-book soft computing techniques.
[6] Jinho Seol, Student Member, Seongwook Jin, Student Membe,
Daewoo Lee, Jaehyuk Huh, and Seungryoul Maeng, A Trusted IaaS
Environment with Hardware Security ModuleIEEE transaction on
service computing. VOL. 9, NO. 3. 343-356, 2016.
[7] Vijay Varadharajan, Senior Member, IEEE, and Udaya Tupakula,
On the Design and Implementation of an Integrated Security
Architecture for Cloud With Improved Resilience IEEE Transactions
on Cloud Computing DOI
29
10.1109/TCC.2016.2535320, 2016.
[8] Dimitrios Zissis , Dimitrios Lekkas,Addressing cloud
computing security issues Future Generation Computer Systems
28, ELSEVIER. 583592, 2012.
[9] Jean Bacon, David Eyers, Thomas F. J.-M.Pasquier, Jatinder
Singh, Ioannis Papagiannis, and Peter Pietzuch, Information
Flow Control for Secure Cloud Computing.,IEEE Transactions
on network and service management VOL. 11, NO. 1, 76-89,
2014.
[10] Randy Marchany, Cloud Computing Security Issues NIST
cloud working group.
[11] Vijay Varadharajan and Udaya Tupakula,Securing Services in
Networked Cloud Infrastructures, IEEE Transactions on Cloud
Computing,DOI10.1109/TCC,2570752,pp.1-14,2016.
[12] Mr. Harshal A. Karande1, Miss. Pooja A. Kulkarni2, Prof.
Shyam S. Gupta3, Prof. Deepak Gupta4, Security against Web
Application Attacks Using Ontology Based Intrusion Detection
System, International Research Journal of Engineering and
Technology (IRJET) e-ISSN: 2395 -0056 Volume: 03 Issue: 01,
pp.89-92, Jan2016.
[13] Srujan Kotikela1; a, Krishna Kavi2; a, and Mahadevan
Gomathisankaran,Vulnerability Assessment In Cloud
Computing, pp.1-7.
[14] Understanding Cloud Computing Vulnerabilities
Published by the IEEE computer and relibility socities 1540-
7993/11/$26.00 2011 IEEE MARCH/APRIL 2011.
[15] Aviv Segev, Member, IEEE, and Quan Z. Sheng,
Bootstrapping Ontologies for Web Services, IEEE
TRANSACTIONS ON SERVICES COMPUTING, VOL. 5, NO.
1, pp. 33-44, JANUARY-MARCH 2012.
[16] Vaishali Singh S. K. Pandey, Revisiting Security
Ontologies ,International Journal of Computer Science Issues,
Volume 11, Issue 6, No 1,pp. 150-159, November 2014.
[17] CloudComputing,
http://en.wikipedia.org/wiki/Cloud_computing
[18] Stefan Fenz. Security Ontology
http://stefan.fenz.at/research/security-ontology/
[19] JoaqunLasheras, Rafael Valencia-Garca,
JesualdoTomsFernndez-Breis and AmbrosioToval, Modelling
Reusable Security Requirements based on an Ontology
Framework
http://ws.acs.org.au/jrpit/JRPITVolumes/JRPIT41/JRPI
T41.2.119.pdf
[20] R.Sivakumar and P.V.Arivoli,Ontology visualization
protg tools A review, International Journal of Advanced
Information Technology (IJAIT) Vol. 1, No. 4, pp.1-11, August
2011.