Ontology for the representation of aspects related to certificates (SSL, CFCA, etc.)
Release 2021-04-19
- This version:
- http://w3id.org/devops-infra/certificate/1.0.0
- Revision:
- First official release
- Authors:
- Oscar Corcho, (Ontology Engineering Group - Universidad Politécnica de Madrid)
- Raúl Alcázar, (Ontology Engineering Group - Universidad Politécnica de Madrid)
- David Chaves-Fraga, (Ontology Engineering Group - Universidad Politécnica de Madrid)
- Jhon Toledo, (Ontology Engineering Group - Universidad Politécnica de Madrid)
- Julián Arenas, (Ontology Engineering Group - Universidad Politécnica de Madrid)
- Mingxue Wang, Huawei Research Ireland
- Hu Peng, Huawei Research Ireland
- Nicholas Burrett, Huawei Research Ireland
- José Mora, Huawei Research Ireland
- Puchao Zhang, Huawei Research Ireland
- Publisher:
- Ontology Engineering Group, (Universidad Politécnica de Madrid)
- Imported Ontologies:
- skos
- devopscore
- Download serialization:
- License:
- Cite as:
- Oscar Corcho, Raúl Alcazar, David Chaves-Fraga, Jhon Toledo, Julián Arenas, Mingxue Wang, Hu Peng, Nicholas Burrett, José Mora, Puchao Zhang. Ontology for the representation of aspects related to certificates (SSL, CFCA, etc.). Revision: First official release. Retrieved from: http://w3id.org/devops-infra/certificate
Abstract
This ontology has been created in the context of a collaboration between the Ontology Engineering Group and Huawei Research Ireland
Table of contents
- 1. Introduction
- 2. Ontology for the representation of aspects related to certificates (SSL, CFCA, etc.): Overview
- 3. Ontology for the representation of certificates: Description
- 4. Cross reference for Ontology for the representation of aspects related to certificates (SSL, CFCA, etc.) classes, properties and dataproperties
- 4.1. Classes
- 4.2. Object Properties
- 4.3. Data Properties
- 5. References
- 6. Acknowledgements
Introduction back to ToC
This is a place holder text for the introduction. The introduction should briefly describe the ontology, its motivation, state of the art and goals.
Namespace declarations
| devopscert | <http://w3id.org/devops-infra/certificate> |
| core | <http://w3id.org/devops-infra/core> |
| owl | <http://www.w3.org/2002/07/owl> |
| rdf | <http://www.w3.org/1999/02/22-rdf-syntax-ns> |
| terms | <http://purl.org/dc/terms> |
| xsd | <http://www.w3.org/2001/XMLSchema> |
| skos | <http://www.w3.org/2004/02/skos/core> |
| devops-infra | <http://w3id.org/devops-infra> |
| rdfs | <http://www.w3.org/2000/01/rdf-schema> |
| vann | <http://purl.org/vocab/vann> |
| dc | <http://purl.org/dc/elements/1.1> |
Ontology for the representation of aspects related to certificates (SSL, CFCA, etc.): Overview back to ToC
This ontology has the following classes and properties.
Classes
- Certificate Signing Request
- CFCA (China Financial Certification Authority) Certificate
- Digital Certificate
- Digital Certificate Bundle
- Digital Certificate Deployment
- SSL Certificate
Object Properties
- contains certificate
- has certificate deployment
- has certificate signing request
- uses digital certificate
Data Properties
- certificate application person
- certificate content
- certificate deployment person
- certificate deployment region
- certificate purchase number
- certificate type
- domain
- expiry date
- issuer
- issuer organisation
- issuer organisation unit
- private key
- public key
- real serial number
- region
- serial number
- service
- site
- start date
- user
- user organisation
- user organisation country
- user organisation email
- user organisation locality
- user organisation state
- user organisation unit
- valid
- vendor
Ontology for the representation of certificates: Description back to ToC
This ontology is focused on the description of aspects related to the management of digital certificates (including DigitalCertificate as well as DigitalCertificateBundle, DigitalCertificateDeployment and DigitalCertificateSigningRequest). All the data properties defined in this ontology are focused on describing the main characteristics of such certificates, as commonly understood in existing standards.
Cross reference for Ontology for the representation of aspects related to certificates (SSL, CFCA, etc.) classes, properties and dataproperties back to ToC
This section provides details for each class and property defined by Ontology for the representation of aspects related to certificates (SSL, CFCA, etc.).Classes
- Certificate Signing Request
- CFCA (China Financial Certification Authority) Certificate
- Digital Certificate
- Digital Certificate Bundle
- Digital Certificate Deployment
- SSL Certificate
Certificate Signing Requestc back to ToC or Class ToC
IRI: http://w3id.org/devops-infra/certificate#CertificateSigningRequest
- has super-classes
- resource c
- is in domain of
- public key dp
- is in range of
- has certificate signing request op
CFCA (China Financial Certification Authority) Certificatec back to ToC or Class ToC
IRI: http://w3id.org/devops-infra/certificate#CFCACertificate
CFCA is a national Authority safety Certification organization which is established by the people's bank of China. CFCA certificates are issued by this organisation
- has super-classes
- Digital Certificate c
Digital Certificatec back to ToC or Class ToC
IRI: http://w3id.org/devops-infra/certificate#DigitalCertificate
Digital Certificates are electronic credentials that bind the identity of the certificate owner to a pair of electronic encryption keys, (one public and one private), that can be used to encrypt and sign information digitally.
- has super-classes
- resource c
- has sub-classes
- CFCA (China Financial Certification Authority) Certificate c, SSL Certificate c
- is in domain of
- certificate application person dp, certificate content dp, certificate deployment person dp, certificate deployment region dp, certificate purchase number dp, certificate type dp, expiry date dp, has certificate deployment op, has certificate signing request op, issuer dp, issuer organisation dp, issuer organisation unit dp, private key dp, real serial number dp, region dp, serial number dp, start date dp, valid dp, vendor dp
- is in range of
- contains certificate op, uses digital certificate op
Digital Certificate Bundlec back to ToC or Class ToC
IRI: http://w3id.org/devops-infra/certificate#DigitalCertificateBundle
A digital certificate bundle is a file that contains root and intermediate certificates.
- has super-classes
- resource c
- is in domain of
- contains certificate op
Digital Certificate Deploymentc back to ToC or Class ToC
IRI: http://w3id.org/devops-infra/certificate#DigitalCertificateDeployment
A Digital Certificate Deployment is the result of deploying a digital certificate in a specific domain and for a specific service on a site.
- has super-classes
- resource c
- is in domain of
- service dp, site dp
- is in range of
- has certificate deployment op
SSL Certificatec back to ToC or Class ToC
IRI: http://w3id.org/devops-infra/certificate#SSLCertificate
An SSL certificate is a data file hosted in a website's origin server. SSL certificates make SSL/TLS encryption possible, and they contain the website's public key and the website's identity, along with related information. Devices attempting to communicate with the origin server will reference this file to obtain the public key and verify the server's identity. The private key is kept secret and secure.
- has super-classes
- Digital Certificate c
Object Properties
- contains certificate
- has certificate deployment
- has certificate signing request
- uses digital certificate
contains certificateop back to ToC or Object Property ToC
IRI: http://w3id.org/devops-infra/certificate#containsCertificate
A Digital Certificate Bundle contains several Digital Certificates
- has domain
- Digital Certificate Bundle c
- has range
- Digital Certificate c
has certificate deploymentop back to ToC or Object Property ToC
IRI: http://w3id.org/devops-infra/certificate#hasCertificateDeployment
A digital certificate can be deployed somewhere, and this is registered as a Digital Certificate Deployment
- has domain
- Digital Certificate c
- has range
- Digital Certificate Deployment c
has certificate signing requestop back to ToC or Object Property ToC
IRI: http://w3id.org/devops-infra/certificate#hasCertificateSigningRequest
A Digital Certificate is obtained after a Certificate Signing Request
- has domain
- Digital Certificate c
- has range
- Certificate Signing Request c
uses digital certificateop back to ToC or Object Property ToC
IRI: http://w3id.org/devops-infra/certificate#usesDigitalCertificate
Different types of entities (domains, servers, etc.) make use of one or several digital certificates
- has range
- Digital Certificate c
Data Properties
- certificate application person
- certificate content
- certificate deployment person
- certificate deployment region
- certificate purchase number
- certificate type
- domain
- expiry date
- issuer
- issuer organisation
- issuer organisation unit
- private key
- public key
- real serial number
- region
- serial number
- service
- site
- start date
- user
- user organisation
- user organisation country
- user organisation email
- user organisation locality
- user organisation state
- user organisation unit
- valid
- vendor
certificate application persondp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#certApplyPerson
The person in charge of the certificate application
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
certificate contentdp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#certificateContent
The content of the certificate
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
certificate deployment persondp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#certDeployPerson
The person in charge of the certificate deployment
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
certificate deployment regiondp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#certDeployRegion
The region for the certificate deployment
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
certificate purchase numberdp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#certPurchaseNumber
The purchase number of the certificate
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
certificate typedp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#certType
The type of certificate
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
domaindp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#domain
Also referred to as common name (CN). It is the fully qualified domain name for the certificate, the deployment of the certificate, or the certificate signing request. For example, *.example.org
- has super-properties
- top data property
- has range
- string
expiry datedp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#expiryDate
The expiry date of the certificate
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- date
issuerdp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#issuer
The issuer of the certificate, also known as issuer common name
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
issuer organisationdp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#issuerOrganisation
The organisation that issues the certificate
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
issuer organisation unitdp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#issuerOrganisationUnit
The organisational unit that issues the certificate
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
private keydp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#privateKey
The private key of the certificate or the certificate signing request
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
public keydp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#publicKey
The public key of the certificate signing request
- has super-properties
- top data property
- has domain
- Certificate Signing Request c
- has range
- string
real serial numberdp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#realSerialNumber
The real serial number of the certificate
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
regiondp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#region
The region for the certificate, the deployment of the certificate, etc.
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
serial numberdp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#serialNumber
The serial number of the certificate
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
servicedp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#service
The service for which the Digital Certificate is deployed
- has super-properties
- top data property
- has domain
- Digital Certificate Deployment c
- has range
- string
sitedp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#site
The site for which the Digital Certificate is deployed
- has super-properties
- top data property
- has domain
- Digital Certificate Deployment c
- has range
- string
start datedp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#startDate
The start date of the certificate
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- date
userdp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#user
The user of the certificate or certificate signing request, also known as user common name
- has super-properties
- top data property
- has range
- string
user organisationdp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#userOrganisation
Also known as Organization Name (O). It is usually the legal name of a company or entity that is using the certificate, or has made the certificate signing request, and should commonly include any suffixes such as Ltd., Inc., or Corp. For example, Example Organisation, Ltd
- has super-properties
- top data property
- has range
- string
user organisation countrydp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#userOrganisationCountry
Also referred to as country (C). The two-letter ISO code for the country of the organisation that uses the Digital Certificate or has made the Certificate Signing Request. For instance, ES
- has super-properties
- top data property
- has range
- string
user organisation emaildp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#userOrganisationEmail
Also referred to as email address (EMAIL). The email contact (usually the certificate administrator or IT department) for the country of the organisation that uses the Digital Certificate or has made the Certificate Signing Request. For instance, info@example.org
- has super-properties
- top data property
- has range
- string
user organisation localitydp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#userOrganisationLocality
Also referred to as locality (L). The name of the locality (town, city, village, etc.) of the organisation that uses the Digital Certificate or has made the Certificate Signing Request. For instance, Boadilla del Monte
- has super-properties
- top data property
- has range
- string
user organisation statedp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#userOrganisationState
Also referred to as state (S). The name of the locality (province, region, county or state) of the organisation that uses the Digital Certificate or has made the Certificate Signing Requestte or Certificate Signing Request. For instance, Comunidad de Madrid
- has super-properties
- top data property
- has range
- string
user organisation unitdp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#userOrganisationUnit
Also known as Organizational Unit (OU). It is the organisational unit of the user of the certificate or certificate signing request. It is an internal department/division name. For example, IT Support
- has super-properties
- top data property
- has range
- string
validdp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#valid
It determines whether the certificate is valid
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- boolean
vendordp back to ToC or Data Property ToC
IRI: http://w3id.org/devops-infra/certificate#vendor
The vendor for the certificate
- has super-properties
- top data property
- has domain
- Digital Certificate c
- has range
- string
Legend back to ToC
op: Object Properties
dp: Data Properties
ni: Named Individuals
References back to ToC
Add your references here. It is recommended to have them as a list.
Acknowledgements back to ToC
The authors would like to thank Silvio Peroni for developing LODE, a Live OWL Documentation Environment, which is used for representing the Cross Referencing Section of this document and Daniel Garijo for developing Widoco, the program used to create the template used in this documentation.
A Certificate Signing Request (also known as CSR or certification request) is a message sent from an applicant to a registration authority of the public key infrastructure in order to apply for a digital identity certificate. It usually contains the public key for which the certificate should be issued, identifying information (such as a domain name) and integrity protection (e.g., a digital signature). The most common format for CSRs is the PKCS #10 specification; another is the Signed Public Key and Challenge SPKAC format generated by some web browsers.